LAYER 0.3 // XEPP
Managed Extended Endpoint Protection

Endpoint protection alongside everything you already run.

XEPP is the third line at the endpoint — running in parallel with Windows Defender, your existing AV, and the XEDR stack. Machine Learning catches pre-execution threats and emerging malware. Four behavioural pillars cover the gaps AV-class tools miss: ransomware activity, in-memory attacks, credential theft from LSASS, and USB device abuse.

  • ML: pre-execution detection
  • 4 pillars: ransomware · memory · creds · USB
  • Parallel: runs alongside Defender / any AV

Ransomware Protection

Stops ransomware by monitoring file activity in real time and detecting abnormal modifications immediately — before encryption spreads.

Memory Threat Protection

Stops in-memory attacks using YARA-based scanning and deep kernel behaviour signals — catching threats that never touch disk.

Credential Hardening

Protects credentials by filtering handles extracted from the LSASS process and stripping dangerous rights — blocking the most common lateral-movement path.

Device Control

Smart management of removable media. Not a blanket USB block — intelligent control that allows necessary access while preventing dangerous use.

Why this is the third line at the endpoint

Windows Defender and AV tools catch known signatures well. XEDR watches process behaviour and isolates threats post-execution. But a class of attacks slips past both: ransomware that mimics legitimate file operations, shellcode injected directly into memory, credential dumping from LSASS, and malware delivered via USB. XEPP fills that gap — pre-execution ML, YARA memory scanning, LSASS handle filtering, and smart USB policy, all running without touching your existing stack.

The design is intentionally non-disruptive. XEPP never replaces Defender or any AV — it runs in parallel, which means zero displacement risk and no policy migration. Adding it is purely additive coverage.

Three tools at the endpoint, each catching what the others miss — that is defense-in-depth done right.

What's included

  • Malware Protection
  • Ransomware Protection
  • Memory Threat Protection
  • Credential Hardening
  • USB Device Control
  • Parallel Automatic Protection

Objectives

  • Stop in-memory and pre-execution threats
  • Block ransomware behaviour at the file layer
  • Harden LSASS against credential theft
  • Smart USB control without productivity loss
  • NIS2 system-security baseline coverage

NIS2 alignment

XEPP maps directly to NIS2 Art.21 requirements for system and endpoint security and basic cyber-hygiene practices. The parallel-AV design (documented, non-displacing, and behaviourally monitored) constitutes clear technical-control evidence. Pre-execution ML detection and LSASS hardening satisfy the directive's expectation of appropriate technical measures proportionate to the risk.

Add XEPP to your endpoint defense in depth