
SYLink EDR

Endpoint Detection & Response · Windows / macOS / Linux

Sovereign EDR agent for endpoints and servers: Windows, Windows Server, macOS, Linux. Batch management, zero trust, automatic quarantine, anti-shadow-IT DLP. Deployable on-premise with no outbound telemetry.

The technical playbook

How to use it

Multi-OS agent, kernel-level control

SYLink EDR uses kernel-level hooks to observe processes, file accesses, network connections and memory manipulation. On Linux, the agent relies on eBPF, which is performant and requires no kernel patch. On macOS, it relies on the Endpoint Security APIs. On Windows, it relies on Kernel Callbacks and ETW.

The decision engine can run locally (precompiled policy) or call a local SYLink AI to triage ambiguous behaviours. Quarantine is immediate, and restoration takes one click from the console.

Key capabilities
  • Kernel hooks (Linux eBPF, macOS ESF, Windows Kernel Callbacks)
  • Local decision + optional SYLink AI call
  • Unified quarantine and restoration
  • DLP configurable per AD / Entra group

Where the product fits in your topology

Network placement

Agent installed on every workstation and server (Windows, Linux, macOS). Behavioural detection, automatic isolation, encrypted telemetry to the central SYLink console. Compatible with your existing SIEM.

[Diagram: central console (SYLink EDR, console + engine) above the supervised endpoint fleet: workstations, servers, mobiles and Linux servers, each with the agent installed. Lightweight agent on each endpoint, encrypted telemetry to the SYLink console.]

Deployment pipeline

Deployment diagram

Deployed via GPO (Windows), MDM (macOS / mobile), Ansible/Salt (Linux), or your RMM. Centrally configured from the console.

  1. Policy scoping

    Define DLP rules, per-group exceptions, criticality levels.

  2. 50-endpoint pilot

    Deploy on a sample, calibrate rules in monitor-only for 14 days.

  3. Switch to blocking

    Activate quarantine and DLP in production.

  4. Global rollout

    Deploy across the fleet via GPO/MDM/Ansible.

  5. SOC integration

    Logs to SIEM or UniSOC, shared response runbooks.

↓ Integration pipeline — step by step, from scoping to production ↓

Prerequisites

  • AD / Entra ID / LDAP directory for targeting
  • SYLink console (SaaS or on-premise)
  • Mass deployment tool (GPO, MDM, Ansible, Salt, RMM)

What you concretely gain

Benefits

  • Multi-OS, one agent

    Windows, Windows Server, macOS, Linux: same policy, same console, same experience.

  • Automated zero trust

    Every action on the endpoint is evaluated in real time: process, file access, network communication.

  • Anti-shadow-IT DLP

    Blocks uploads to personal Drives, WeTransfer, unencrypted USB sticks. The CISO sets the rules.

  • On-premise, no outbound telemetry

    Console deployed on your premises (government-compatible). No data leaves your perimeter.

The full datasheet

Specifications

Platforms

  • Windows: 10 / 11 (32-bit and 64-bit)
  • Windows Server: 2016, 2019, 2022, 2025
  • macOS: 12 Monterey → 15 Sequoia
  • Linux: Debian/Ubuntu, RHEL/Rocky/Alma, openSUSE

Capabilities

  • Detection: Behavioural + signatures
  • Quarantine: Automatic on confirmed threat
  • DLP: Included (USB stick, cloud, mail)
  • Patch management: Included (Win/Linux/macOS)

Agent performance

  • CPU footprint: < 2 % on average
  • RAM: < 200 MB
  • Network: < 5 MB/day of telemetry
  • Offline mode: Persists events, syncs on reconnection

Console

  • Deployment: On-premise OR sovereign SaaS
  • Integration: AD / Entra ID, SIEM, UniSOC
  • Multi-tenant: Yes (for MSPs)
  • Compliance: GDPR by design, complete audit trail

Built for

Target customers

  • SMB NIS2 compliance

    EDR on every endpoint and server, court-admissible event log, SIEM integration.

  • Enterprise: replacing a foreign EDR

    Substituting a US EDR with a sovereign solution that integrates into the existing SOC.

  • Ministry / Defense (on-premise)

    On-premise deployment with no outbound telemetry, II 901 / IGI 1300-compliant.

  • MSP: managed multi-customer EDR

    Multi-tenant console, white-label deployment, central supervision of customer incidents.

Test SYLink EDR on your infrastructure

30-minute guided demo, PoC on a pilot perimeter, support by our French teams based in Clermont-Ferrand, Marseille and Rennes.