Advanced Endpoint Protection (AEP)


Application Visibility and Control

Gain enterprise visibility and control into what applications users are installing across Windows-enabled endpoints with the new device management capabilities built into Comodo’s IT and Security Manager (ITSM). ITSM allows you to set mobile application policies based on groups such as productivity apps, utility apps, gaming apps, etc. Applications can also be permitted, blocked or allowed to run inside a secure container. Productivity is also increased by disallowing non-critical business applications to run during a specific time or day. ITSM provides for the security of corporate data through comprehensive application management.


Automatic Containment

You can feel confident that only safe applications are running on your network with Comodo’s automated containment technology built on our Default Deny Platform. Desktops are very dynamic. As your users introduce new unknown and possibly malicious applications externally from the device, you can automatically force them to run in isolation, never risking corporate data. Comodo’s automated containment technology is extremely lightweight, has no CPU dependencies, and is application agnostic unlike other containment solutions in the market.


Behavioral Analysis

Identify unknown software applications, quickly moving them to a verdict of known good or known bad with Comodo’s local, and cloud-based Specialized Threat Analysis and Protection (STAP) engine. Comodo’s local STAP layer, VirusScope, first analyzes application behavior and actions running inside or outside of containment, and leverages multiple techniques to determine any malicious intent. Valkyrie, Comodo’s second, cloud-based STAP layer correlates VirusScope’s local view of the file’s activity with a global view. This reduces false positives, false negatives provides an Accelerated Verdict of malware at the endpoint. The result is that unknown files stay in containment for the shortest time of any containment solution on the market.

Comodo Client


Comodo Client delivers a layered suite of protection that is lightweight and scalable. Users can run any application on their endpoint with confidence, having only known good applications running on your network outside of containment. Comodo Client includes:

  • Endpoint Containment Firewall
  • Web Filtering
  • Antivirus
  • Host Intrusion Prevention (HIPS)
  • Behavioral Analysis (VirusScope)
  • Valkyrie Cloud-based Static and Dynamic analysis
  • Specialized Threat Analysis and Protection (STAP)

Comodo IT and Security Manager

Comodo Advanced Endpoint Protection solution brings a new Default Deny Platform to the table, leveraging automated containment technology as a temporary solution for analysis to verdict unknown files with dual STAP behavioral analysis engines, to determine each unknown file’s true state. In the past, organizations have had to deploy multiple solutions to accomplish these tasks. Today, Comodo has integrated these critical components under a single, unified cloud-accessible Advanced Endpoint Protection management platform. Comodo’s IT and Security Manager allows for the configuration of security policies and visibility into the security posture and health of your enterprise endpoints, while the ITSM Mobile Device Manager and Inventory Manager allow for the remote provisioning, configuration and control of android, iOS and Windows devices. Perform tasks like restricting what a user can do on a corporate owned mobile phone, determine which unknown applications are running in containment enterprise-wide, remote wipe a device and identify the geographic location of a device. With Comodo’s ITSM, you can even conduct an enterprise-wide search for malware. Malware Problem Solved.