Xcitium (formerly known as Comodo Security Solutions) has been around for over 25 years. They made headlines in 2010 by openly challenging cybersecurity giant Symantec's assertion that paid antivirus programs are better than free antivirus software - Comodo/Xcitium was right and to this day there's not much evidence that paying more gives users significantly better antivirus protection.
Given this company had the courage to go toe to toe with the big names in security software, we were eager to try out their 'Xcitium Advanced' Endpoint Protection platform. The main product page claims that it offers both EPP (Endpoint Protection) and EDR (Endpoint Detection and Response) using a range of advanced detection and prevention features. The platform has even earned the seal of approval of independent review website av-test.org.
This begs the question: has Xcitium created one of the best endpoint security software solutions that could even put the big names in the industry to shame?
Xcitium Advanced: Plans and pricing
Xcitium offers a range of platform products, including Xcitium Managed for MDR (Managed Detection and Response) and Xcitium Ultimate for XDR (Extended Detection and Response).
Xcitium Advanced itself doesn't seem to offer any staged tiers of service, so subscribers can benefit from all the advertised EPP/EDR features. Unfortunately if you're looking for specific pricing for your organization, you'll need to contact Xcitium's sales department directly as there's no pricing table on the product page.
The company does, however, allow you to request a custom demo of the product. Xcitium also has a registration page for interested parties to create a new account in order to request a trial version of products.
Xcitium Advanced: Features
According to the registration e-mails we received, the motto of Xcitium Advanced is "Unleash the Power of Zero". In other words, users of the platform can look forward to zero security breaches or other threats.
Chief benefits of the platform include advanced endpoint security Anti-Virus (AV), Viruscope (NGAV), endpoint detection and response (EDR), Host Intrusion Prevention System (HIPS), a Firewall (FW), and endpoint management (EM) capabilities.
The company claims their platform is a cut above the rest in threat prevention via 'ZeroDwell Containment'. This is actually a standalone product which forms part of Xcitium Advanced and incorporates a number of features. In the company's own words, these include:
"...Advanced EDR service delivery from the Xcitium Threat Research Labs (XTRL), and the Verdict Cloud engine, a file safety determination service used to evaluate isolated files and objects to EDR provide a malicious or safe verdict about contained Unknowns."
The aforementioned 'Verdict Cloud Engine' deserves particular mention, as it purportedly publishes results globally in real-time for all Xcitium Advanced EDR customers to reduce threats across the board.
The product's data sheet also provides an excellent summary of Xcitium Advanced features, including fileless malware detection, which can prevent threats found in areas like RAM instead of data files.
The platform also has a highly-configurable alerts policy (we were very pleased to see the option to receive email alerts during our tests). These include notifications about the aforementioned fileless attacks, advanced persistent threats (APTs), and privilege escalation attempts.
Special mention should also go to the 'Virtual Desktop' feature for those users who install the 'Security' add-on for the endpoint agent (see below). Naturally this provides an excellent way to view and interact with files with minimal risk to the host operating system.
Xcitium Advanced: Setup
The good people of Xcitium were kind enough to provide TechRadar with a trial version of Xcitium Advanced, which we were able to access through a simple sign up portal.
We were very impressed to see that immediately after creating an account the platform encourages users to set up 2FA (two-factor authentication) and even recommends suitable authenticator apps.
Users are then asked to create their own subdomain, which is used to access the Xcitium cloud console. On first launch the console displays a helpful wizard, which provides a download link for agent software. Xcitium Advanced supports endpoints for Windows, Mac and Linux. We were surprised how quickly the helpful wizard installed the agent on our test machine, as we had it up and running in less than 30 seconds.
Once this is installed, the wizard also encourages you to install additional packages to provide better security & EDR protection.
Xcitium Advanced: Interface
Our first experience of the Xcitium Advanced interface proper was when we were invited to install the additional Security and EDR packages, via the 'Device List'. We were especially impressed to see the main options for endpoints such as 'File Transfer'.
You can also click on device names to view more detailed information about endpoints, though the device list also contains a useful summary of highlighted icons to show which features are enabled e.g. AV = antivirus.
As TechRadar readers know, we believe the most important aspect of any UI is the main dashboard and we weren't disappointed by Xcitium Advanced's main screen. In fact, the platform has a number of endpoints for various features like services, auditing and endpoints themselves.
We were delighted to see that the endpoint dashboard displays alerts at the very top of the screen and even provides a helpful pie chart breaking down alerts by category. Other infographics display helpful information on contained files and detections per endpoint.
Special mention should also go to the 'Software Inventory', the 'Global' section of which lists all installed programs on endpoints. Users can quickly click to select apps and then to uninstall or export details in CSV format.
Our only small criticism here is that the 'Notifications' area only contained information relevant to the installation of Xcitium itself - we had to look elsewhere to find details of actual alerts. In fairness, users can view more details about these by clicking into alert notifications via the dashboard.
Xcitium Advanced: Performance
When reviewing endpoint security platforms our first test is always to try to download a fake computer virus, provided by the good people of EICAR.
We checked that the Antivirus and security features were enabled on our endpoint before visiting the website containing the malware. Each time we tried to download the file in compressed (ZIP) format, we found that the Xcitium agent had altered the file permissions so that the test virus couldn't be saved to the 'Downloads' folder.
The agent didn't show any notification of this but when we opened the cloud console, we saw the file had been quarantined and an alert was generated.
Our next test was to try to copy a recent, real computer virus we'd caught in the wild onto the test machine's "Downloads" folder. We do this to check that an endpoint security platform can detect and prevent threats based on a program's behaviour, not just by comparing file signatures to an online database.
Xcitium Advanced didn't fare as well with these tests. We were able to copy the malware (a trojan virus) to the 'Downloads' folder without triggering any alerts from the platform. We decided to right-click the file to run a scan with Xcitium antivirus but no threat was found. The agent also offers the option to run the file in an Xcitium container. We did this but the cloud console log apparently showed the file as safe.
We were troubled by this, so returned to the console to check the device policies. We enabled the 'Comodo Containment' profile, then ran the tests again with a new, real computer virus. This time the agent did detect and quarantine it, as shown by the cloud console logs.
This is strong proof that Xcitium Advanced can detect and prevent threats based on file behavior, though it's clear the security settings may need some tweaking to gain the full benefits of protection as we were able to run the first real trojan virus and infect our test machine without the agent detecting any issues.
Xcitium Advanced: Final verdict
Overall, there's much we enjoyed about Xcitium Advanced. We don't take for granted the easy registration and setup, as some platforms will only provide demos rather than let you try the software for yourself. We were especially thrilled that the agent software only took seconds to deploy.
The cloud console is well laid out and the multiple dashboards allow users to chop and change data in any way they see fit. It's a shame we couldn't find more readily available information on pricing but in fairness Xcitium Advanced's sales team is only a phone call away.
When it comes to preventing downloads of potentially dangerous files, this platform passed our tests with flying colors both with the fake computer virus and one which we attempted to download from a known malware website.
As readers have seen, the results were more hit and miss when we tested with real computer viruses that had been manually copied onto our test machine. At the suggestion of Xcitium staff we changed the device profile to 'Windows - Secure', which uses the platform's containment technology but with the same results as before.
As Meatloaf taught us, "Two out of three" ain't bad and it's entirely possible that the trojan we originally used wasn't detected due to incorrect configuration or a temporary error. Still, it's the same virus we used in tests of other endpoint security platforms and is almost always detected and quarantined.
If you're considering this platform, we suggest you enactment intimately with Xcitium to marque definite your menace database is up to day and your cause is utilizing the close information profile.