Endpoint protection

The Endpoint Protection domain helps to ensure endpoint tools and controls are working as expected.

We provide continuous assurance of your security controls, assessing the coverage and effectiveness of your endpoint tools. This helps you to achieve compliance and dramatically reduce the risk of exposure during day-to-day operations, tool migrations, and times of organizational change. Panaseer combines unique business context with data from your existing tools, providing improved oversight of your endpoint tools and controls performance. The platform provides IT operations, security teams, and asset and risk owners access to near real-time analysis to efficiently address business risk. Compliance and assurance teams can continuously map to NIST CSF (including NIST 2.0) and other frameworks.

Benefits

Prioritize updates for the endpoints that pose the greatest risk to your critical infrastructure.
Ensure EDR and AV coverage across dispersed and fragmented organizations.
Reduce risk during tool migrations, with assurance and visibility throughout.
Measure and improve performance against SLAs, such as scan frequency and version.

Spotlight metric

Endpoint coverage

Check which devices are most exposed, identifying those lacking AV, EDR or both.

These metrics confirm the coverage of your AV and EDR tools, so that you can check which devices should be top of your priority list for remediation as they lack any compensating controls.

Example connectors

Microsoft Defender

Crowdstrike

McAfee

Available metrics

Type	Name	Description
Policy	AV scan out of SLA	The number of devices out of AV scan SLA
Policy	AV out of scan or update SLA	The number of devices out of AV scan SLA or out of AV update SLA
Coverage	AV devices	The number of devices included in AV SLA analysis
Policy	AV update out of SLA	The number of devices out of AV update SLA
Policy	EDR connection out of SLA	The number of devices out of EDR last connection SLA
Policy	EDR connection or version out of SLA	The number of devices out of EDR last connection SLA or EDR version SLA
Coverage	EDR devices	The number of devices included in EDR SLA analysis
Policy	EDR version out of SLA	The number of devices out of EDR version SLA
Policy	AV SLA breaches	The percentage of devices out of AV scan SLA, the percentage out of AV update SLA and the percentage out of scan or update SLA.
Policy	AV scan out of SLA	The percentage of devices out of AV scan SLA
Policy	AV scan or update out of SLA	The percentage of devices out of at least one of AV scan SLA and AV update SLA
Policy	AV update out of SLA	The percentage of devices out of update SLA
Policy	EDR connection out of SLA	The percentage of devices out of EDR last connection SLA
Policy	EDR connection or version out of SLA	The percentage of devices out of at least one of EDR last connection SLA and EDR version SLA
Policy	EDR version out of SLA	The percentage of devices out of EDR version SLA
Policy	EDR agent connection out of SLA	Number of EDR agent records that are out of last-connection SLA.
Policy	EDR agent connection or version out of SLA	Number of EDR agent records out of either last-connection SLA or version SLA.

New metrics for 2026

Type	Name	Description
Policy	EDR agent version out of SLA	The number of EDR agents out of EDR version SLA
Coverage	EDR agents	The number of EDR agents included in EDR SLA analysis
Policy	EDR agent connection or version out of SLA	The number of EDR agents out of either EDR last connection SLA or EDR version SLA
Policy	EDR agent connection out of SLA	The number of EDR agents out of EDR last connection SLA
Policy	EDR agent version out of SLA	The percentage of EDR agents out of EDR version SLA
Policy	EDR agent connection or version out of SLA	The percentage of EDR agents out of EDR last connection SLA or EDR version SLA
Policy	EDR agent connection out of SLA	The percentage of EDR agents out of EDR last connection SLA