
What is Hexnode XDR?

Hexnode XDR is a unified Extended Detection and Response (XDR) security solution that equips IT administrators with capabilities to detect, investigate, and remediate security threats. It brings together endpoint detection, vulnerability management, and threat investigation in a single platform, making it easier to monitor and respond to security risks in real time.

With Hexnode XDR, administrators get an intuitive overview of the threat landscape, with threats categorized by severity (low, medium, high, or critical). Visual analytics in the console help administrators prioritize actions and quickly identify and neutralize potential risks. Administrators can take swift action to kill a harmful process, quarantine infected files, or isolate vulnerable endpoints, ensuring that the response is both fast and effective.

Currently, Hexnode XDR is supported on the Windows platform, providing threat detection, investigation, and response capabilities for Windows endpoints.

Features in Hexnode XDR

  • Get Started: The Get Started phase is the first step in onboarding to Hexnode XDR, guided by Hexnode Genie. Admins can either learn about Hexnode XDR through documentation, learning modules, and on-demand guidance from Hexnode Genie, or start onboarding by integrating XDR with Hexnode UEM, deploying the agent via other UEMs, or performing manual installation through command-line or package deployment.
  • Enrollment: Hexnode XDR offers flexible enrollment options to suit different organizational setups. Endpoints can be enrolled through integration with Hexnode UEM, app deployment via third-party UEMs, or manual deployment, including direct installation and command-line execution. These options give organizations the freedom to choose the onboarding method that best fits their infrastructure and operational workflow.
  • Dashboard: The XDR dashboard provides a comprehensive overview of the organization’s security posture, offering a bird’s-eye view of key areas including the threat landscape, active threats, recent incidents, MITRE ATT&CK events, endpoint remediation, incident allocation, critical events, and the activity feed. This centralized view helps administrators monitor and respond to security events efficiently.
  • Incidents: The Incidents tab in Hexnode XDR consolidates alerts, threat detections, and contextual data into a unified view, allowing admins to see what happened, where it occurred, and the next steps to be taken. Admins can view all detected incidents with their severity, access detailed incident information, assign incidents to technicians, track the incident lifecycle, and mark them as resolved or in progress. The tab includes two views: Threats and Alerts.
  • Endpoints: The Endpoints tab in Hexnode XDR serves as the central hub for managing all endpoints. It includes subtabs for Endpoints (listing all endpoints), Endpoint Groups (organizing endpoints into groups), and Installation (where all versions of Hexnode XDR agent packages are available). Admins can perform actions on endpoints such as scanning, restarting, updating the agent, associating policies, or uninstalling the agent.
  • Policies: The Policies tab in Hexnode XDR allows technicians to configure and manage security rules, agent functions, and endpoint behavior across all managed endpoints. From this tab, admins can create, configure, target, and review policies across the organization, while the deployment history provides a clear view of policy status, indicating whether it was a success, partial success, or failure. If a policy fails or needs reassociation, the reinitiate option allows quick redeployment without starting over.
  • Investigate: The Investigate tab in Hexnode XDR provides administrators with a workspace for analyzing security data. It enables advanced queries across endpoint activity to uncover endpoint behaviors, identify suspicious patterns, and trace security-relevant events. Administrators can filter, search, and correlate telemetry to understand what happened, where it occurred, and which endpoints were impacted.
  • Reports: The Reports tab in Hexnode XDR serves as the platform’s primary analytical layer. Its built-in reports are categorized into device, application, action, audit, policy, threat, and alert reports. The tab provides a consolidated view for monitoring device states, analyzing threats, or tracking technician activity, giving admins clear visibility across the environment.
  • Settings: The Settings tab in Hexnode XDR provides access to key administrative and configuration features. Admins can manage notifications and alert profiles, configure integrations with other security platforms, control technician roles and permissions, customize branding, and handle subscription settings. This centralized hub ensures that all platform configurations and administrative controls are easy to access and manage.
    • Notification: The Notification settings in Hexnode XDR allow admins to receive alerts about portal events via email. Events include role creation or deletion, technician deletion, endpoint creation or deletion, endpoint group creation or deletion, and incident updates. In addition to email alerts, admins can configure webhooks to receive real-time notifications from Hexnode XDR.
    • Alert Profiles: Hexnode XDR allows administrators to configure custom alert profiles to receive notifications relevant to their environment. Alert profiles define when alerts are triggered and how they are delivered, based on specific event types, preferred channels (such as email or webhook), and scheduling preferences. This ensures timely notifications for unusual or potentially harmful endpoint activities.
    • Integrations: The Integrations subtab displays all available integrations as well as any configured integrations. Currently, Hexnode UEM is available as an integration. When integrated, endpoints from Hexnode UEM can be automatically enrolled into Hexnode XDR without the need for manual configuration, simplifying the onboarding process. The Hexnode XDR agent is deployed on these endpoints, enabling continuous monitoring for security threats.
    • Access Control: The Access Control settings serve as the central point for managing access and permissions for technicians in the Hexnode XDR console. Administrators can add and manage technicians and assign roles to define their level of access within the XDR portal.
    • Brand Customization: Using the brand customization settings, you can personalize the Hexnode XDR console to reflect your organization’s brand by adding a dashboard logo and favicon.
    • Subscription: The Subscription subtab in Hexnode XDR lets you manage and purchase licenses directly from the portal. You can view important details such as the account the subscription is licensed to, the email of the license holder, total device count, license activation date, expiry date, subscription status, and the active plan. This helps you monitor license usage and endpoint enrollment capacity efficiently.

Hexnode XDR brings everything you need to manage and secure your endpoints in one place. With its powerful features, easy integrations, and customizable options, it helps your organization stay on top of threats, keep endpoints protected, and make security management simpler and more efficient.
