JasEDR Lite — v0.2.9

Multi-tenant Windows endpoint protection, managed from one dashboard.

JasEDR Lite is a cloud-managed security platform that protects Windows endpoints for multiple customers from a single web console. Deploy it once, and agents auto-install on every endpoint from a one-click PowerShell bootstrap — no imaging, no manual config. It’s defence-in-depth that sits on top of Microsoft Defender, adding two focused protection layers your team controls centrally.

What it does

🛡️ Network-layer enforcement
Every outbound connection is inspected at the Windows Filtering Platform layer and decided — allow, block, or alert — against rules you push from the dashboard. Rules match on:

  • App identity — signed publisher, first-seen freshness, exact path, or SHA-256 hash
  • Traffic content — DNS hostname, TLS SNI, and HTTP host/path keywords
  • Backed by Windows Defender Firewall rules + hosts-file DNS sinkholing

🧬 Hash-based AV via VirusTotal
Every new executable that lands on disk is hashed (SHA-256, streamed) and checked against a VirusTotal-backed reputation engine — only the hash is ever sent, never your files. Detections above your threshold automatically suspend the process, quarantine the file, and raise an alert, with MalwareBazaar as a fallback source.

Key features

  • Full multi-tenancy — each customer manages their own rules, alerts, and endpoints; vendor staff manage tenant lifecycle, license caps, and fleet-wide health
  • Configurable scan coverage — pick exactly which file types and folders get scanned, sweep existing files at startup, and skip trusted-signed binaries to save quota (new in v0.2.9)
  • Per-tenant VirusTotal — inherit the global policy or bring your own key and thresholds
  • Live response — remotely kill or suspend a process, restore a quarantined file
  • Zero-trust agent enrollment — mutual-TLS with client-side key generation; the private key never leaves the endpoint
  • Alerts & webhooks — HMAC-signed alert delivery straight to your SIEM
  • Full audit trail — every action logged, per-tenant and cross-tenant
  • Built to scale — Rust agent, Go microservices, React dashboards, gRPC-over-mTLS, PostgreSQL, Keycloak SSO, Kubernetes-native

Leave a Reply

Your email address will not be published. Required fields are marked *