Install the CyVectors Anomaly Detection Agent on any Windows workstation or server, and the agent begins to immediately monitor CPU and memory resources for that node. The agent has built-in dynamic threshold baselines and reports CPU and memory activity that is indicative of malware behavior.
The Anomaly Detection Agent cuts deployment time to near-zero since the thresholds typically defined in your monitoring platform are built int the agent. The agent reports node CPU and memory utilization every 2 minutes and reports those measurements to Windows Event Logs and as syslog using the CyVectors Event Forwarding Agent, eliminating the need to poll nodes for host resource monitoring.
This software runs on any Windows desktop or server version supported by Microsoft, and can be delivered in bulk by automated software delivery platforms.
Anomaly Detection performs scanning of the Windows hosts CPU and memory resources with proprietary algorithms that can detect behavior indicative of malware or virus infection. The agent collects CPU and memory utilization for that node and reports those results every two minutes to Windows event logs, and syslog when using CyVectors EFA.
Easy installation, auto-runs on every reboot
Use case: One Anomaly Detection agent per critical application server or Windows desktop, install CyVectors event forwarding agent to send host resource stats to CyVectors Vector Analyzer or other SIEM platform
Collects and reports CPU statistics
Collects and reports memory statistics
Sends collected stats to Windows Event Logs and syslog
Eliminates the need to poll Windows with SNMP for host resources