Applies To
Halcyon Windows Agent
Halcyon Linux Agent
Halcyon Console
Overview
The matrix below outlines feature availability across Linux and Windows platforms. Feature prioritization reflects current threat actor behavior and platform specific attack surfaces. For example, while Windows ransomware often targets local key material for encryption, Linux-based attacks more commonly exfiltrate data or encrypt remote assets. Features like EDR Last Gasp are planned for upcoming Linux agent releases to ensure parity and resilience across environments.
Feature Category |
Windows |
Linux |
Configurable via Policies |
Execution Protection |
Yes |
No |
Yes |
Kernel Guard |
Yes |
No |
Yes |
EDR Last Gasp |
Yes |
Yes |
Yes |
Tamper Guard |
Yes |
Yes |
Yes |
Halcyon Last Gasp |
Yes |
Yes |
Yes |
DXP Nefarious Peer Protection |
Yes |
Yes |
Yes |
DXP Volumetric Protection |
Yes |
Yes |
Yes |
Key Material Capture |
Yes |
No |
No |
SSH Access Monitoring |
No |
Yes |
No |
Additional Information
For more information about the feature listed in the matrix, please see Description of Available Agent Features.
Comments
0 comments
Please sign in to leave a comment.