iValue Center of Excellence
Your Technology. Proven. Positioned. Sold.
• Sell outcomes, not features
Endpoint Upsell Stack with Controls
Comprehensive Endpoint Security Stack Controls Aligned with Indian Regulatory Mandates
| # | Endpoint Control Area | Consolidated Requirement | CERT-In | RBI | SEBI CSCRF | IRDAI | DPDP | NCIIPC | Technology | iValue Stack Required (Multi-Stack by Design) |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Endpoint Inventory | Discover & track all endpoints | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | EDR / Asset Visibility | SentinelOne |
| 2 | Endpoint Protection Platform (EPP) | Signature-based malware protection | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | EPP | SentinelOne |
| 3 | Endpoint Detection & Response (EDR) | Behavioural & zero-day detection | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EDR / XDR | SentinelOne |
| 4 | Application Whitelisting | Allow only approved applications | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | Application Control | SentinelOne |
| 5 | OS Hardening | Secure OS baseline configuration | ✅ | ✅ | ✅ | ⬜ | ⬜ | ✅ | OS Hardening | SentinelOne |
| 6 | Endpoint Privilege Management | Remove local admin rights | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EPM | CyberArk EPM |
| 7 | Credential Theft Protection | Prevent credential dumping | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EPM + MFA | CyberArk EPM + Yubico |
| 8 | Vulnerability Management | Detect endpoint vulnerabilities | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | Vulnerability Mgmt | Tenable VM |
| 9 | Patch Management | Ensure timely patching | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | Patch Mgmt | Tenable VM (integration-led), Opentext |
| 10 | Identity Threat Detection | AD-based endpoint abuse | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | ITDR | Tenable.AD |
| 11 | Lateral Movement Detection | Detect endpoint-to-endpoint spread | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EDR + UEBA | SentinelOne + Gurucul |
| 12 | Endpoint UEBA | Detect anomalous endpoint behaviour | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | UEBA | Gurucul |
| 13 | Central Alerting & Monitoring | Central security visibility | ✅ | ✅ | ✅ | ⬜ | ⬜ | ✅ | SIEM | Google Chronicle / Splunk / ArcSight |
| 14 | Log Retention | Retain endpoint logs | ✅ | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | SIEM | Chronicle / ArcSight |
| 15 | Endpoint Data Loss Prevention | Prevent data leakage | ⬜ | ⬜ | ⬜ | ⬜ | ✅ | ⬜ | Endpoint DLP | Forcepoint DLP |
| 16 | Data Classification | Identify & label sensitive data | ⬜ | ⬜ | ⬜ | ⬜ | ✅ | ⬜ | Data Classification | Forcepoint |
| 17 | Device Control | Control USB & peripherals | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | Device Control | Forcepoint |
| 18 | Email Security (BEC) | Protect against phishing & BEC | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | Email Security | Forcepoint Email Security |
| 19 | Browser Security | Secure browser-based access | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | Browser Security | Google SecOps |
| 20 | Remote Browser Isolation | Isolate risky web sessions | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | RBI | Google SecOps |
| 21 | Zero Trust Endpoint Access | Continuous user/device verification | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | Zero Trust | SentinelOne + CyberArk + Yubico |
| 22 | Third-Party Endpoint Control | Secure vendor endpoints | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EDR + EPM | SentinelOne + CyberArk |
| 23 | Incident Response (Endpoint) | Containment & remediation | ✅ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EDR + SIEM | SentinelOne + Chronicle |
| 24 | Forensics Readiness | Endpoint investigation | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | EDR + SIEM | SentinelOne + Splunk |
| 25 | Deception Technology | Lure & detect attackers | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | Deception | Threacle |
| 26 | User Awareness & Training | Reduce human risk | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | Security Awareness | Progist |
| 27 | Audit Evidence & Reporting | Audit-ready endpoint evidence | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | SIEM / Reporting | Chronicle / Splunk |