What is CIS Endpoint Security Services (ESS)?

CIS Endpoint Security Services (ESS) is a fully-managed and monitored solution deployed on endpoint devices to identify, detect, respond to, and remediate security events. The service offers host-level protection and response backed by our 24x7x365 Security Operations Center (SOC) to strengthen an organization’s cybersecurity program, and it provides active defense against both known (signature-based) and unknown (behavioral-based) malicious activity.

Organizations using CIS ESS benefit from a full-time cyber defense partner in the 24x7x365 CIS SOC. Our SOC continuously monitors and manages CIS ESS software, which includes analyzing malicious activity and escalating actionable threat detections for identified threats to the affected U.S. State, Local, Tribal, and Territorial (SLTT) organization. Upon identifying a threat event, this service can stop an attack in its tracks regardless of the network to which the endpoint is connected. As such, CIS ESS takes an active role in mitigating and remediating malicious activity affecting an organization’s devices by blocking malicious processes and quarantining malicious files or compromised endpoints.