Asset 23@2x
EDR Platform Unplugged

We provide fully featured EDR product built on open standards and open source platforms, to allow for a broader community participation.

OSQuery-based design allows agent extensibility to other endpoint technologies from the community at large.

OpenC2 standard allows for response commands across systems.

Asset 22@2x
No New Console Required

We recognize that an MSSP or MDR ecosystem has diverse vendor systems, and many homegrown technologies.

With an open framework both on the agent side and server side, the ability to incorporate new data sources and new data analytics or dashboards is endless without requiring a new console.

Save On Costs

With a configurable data flow and alert filtering, you can specify the server and storage only for the data you want. There is no duplicate repositories of data. Everything we design is focused on the MDR SOC requirements, the capital/operational/license costs and the MDR business margins

Asset 39@2x
Improve Resolution Times

Apart from multi-customer operations capability, the ability to automatically send commands to endpoints from your SIEM, network appliances or your console enables the SOC analyst to be more effective at unprecedented speed.

Asset 40@2x
Effective SOC Analyst

Elimination of wasteful SOC activity results in faster time to resolution. An effective SOC Analyst is a happy SOC Analyst, which is critical for any SOC performance.

Asset 41@2x
Incremental Revenue Opportunities

The agent-side and server-side open architecture allows endless integration potential with applications/data sources on the endpoint or with detection engines on the backend. It opens up new higher-margin service offerings possibilities such as context-aware monitoring in SCADA or hospital networks

Comparison Table

Windows Sysmon
(Agent Only)
Traditional EDR Tools
PolyLogyx Endpoint Platform
(On Windows)

Data Collection & Customization
Real time event telemetry (file, process, network)

Critical OS state change

Log Aggregation
Single Endpoint Agent for Any Log Aggregation, Interrogation, Real-time Telemetry, and Response Action

Data Aggregation
Distributed data storage choices

Detection & Visualisation
In-box detection & matching (ex. MITRE attack framework, dashboards)

Live Investigation
Simplified query language to contextualise events across types

Live Response
Ability to take response to threats

Third Party Integrations
APIs for integration with SIEM/SOAR/Big Data Platforms

Multi-Customer SOC Operations
Multi-customer SOC APIs for investigations, forensics & hunting

Non-security use cases (ex. logs, device management)

Customer Quotes

Follow PolyLogyx On GitHub

For updates, issues, feature requests and more community fun