SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Mathivanan v
#
Malware
#
Firewalls
#
VPNs

ManageEngine adds EDR & Zero Trust access to platform

Fri, 20th Mar 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

ManageEngine has added endpoint detection and response and secure private access to its Endpoint Central platform, expanding the product's security scope for organisations managing large numbers of devices.

The update brings threat detection, automated remediation and access controls into the same platform already used for endpoint management. The additions are available immediately as an add-on for Endpoint Central.

The move reflects a broader shift in how businesses manage devices across dispersed workforces. Endpoints are now central to day-to-day IT operations, but they also remain a common entry point for cyber attacks, particularly when companies rely on separate tools for device administration, security monitoring and remote access.

That fragmentation can create gaps and increase the workload on IT and security teams, especially as attackers use artificial intelligence to refine methods such as ransomware and other intrusions that spread through corporate systems from compromised devices.

Traditional virtual private network models also face pressure because they often grant broad network access after a user has authenticated. The update adds secure private access based on device trust verification, applying Zero Trust controls to internal applications rather than opening wider network connectivity.

Analyst view

Constellation Research said combining detection and access control addresses two linked security problems: finding threats quickly and limiting what an attacker can reach after a device or set of credentials has been compromised.

"Endpoint security has become a speed problem: enterprises need to detect and contain threats earlier while enforcing Zero Trust access to internal applications when credentials are compromised," said Chirag Mehta, Vice President and Principal Analyst, Constellation Research.

"Bringing EDR together with device-trust-based access controls helps shrink attacker dwell time and reduce the blast radius from endpoint-driven incidents."

The new functions are built into Endpoint Central rather than connected through separate products, allowing IT operations and security teams to work from shared endpoint telemetry through one agent and a central management console.

In practice, the EDR addition is designed to provide visibility into processes, files, registry activity and network behaviour on managed devices. The platform correlates that data and maps behaviour to the MITRE ATT&CK framework so analysts can investigate how an incident developed and what actions may have followed an initial breach.

It also uses behavioural analytics and artificial intelligence to identify threats including file-less malware and living-off-the-land techniques, in which attackers use legitimate system tools to avoid detection. Those methods have become more common as attackers seek to bypass signature-based defences.

Single console

Response actions can be taken from the same console used for endpoint administration. These include isolating compromised devices, stopping malicious processes, restoring files encrypted by ransomware and pushing patches to close vulnerabilities or harden configurations.

The platform also includes what ManageEngine describes as AI-guided investigation, surfacing relevant telemetry and attack patterns to assist security analysts during threat hunting and incident review.

For customers, one practical change is that endpoint management and security tasks can be handled in the same workflow rather than across separate systems. That may appeal to mid-sized IT teams trying to reduce tool sprawl while tightening controls over remote and hybrid work environments.

Endpoint Central is available as both on-premises software and a software-as-a-service offering. According to ManageEngine, the platform is used by more than 31,000 organisations worldwide across Windows, macOS, Linux, ChromeOS, mobile devices and other specialised endpoints.

Market position

ManageEngine also pointed to external assessments of its broader endpoint product line. It said Endpoint Central's malware protection received AV-Comparatives' Approved Business Product certification, and that the company was named a Challenger in the 2026 Gartner Magic Quadrant for Endpoint Management Tools and a Leader in the IDC MarketScape assessment of worldwide unified endpoint management software.

Mathivanan Venkatachalam, Vice President at ManageEngine, said the endpoint is becoming the central point for both defence and access decisions in distributed corporate environments.

"As enterprise environments become more distributed, the endpoint has become the enforcement point for both threat detection and access control," Venkatachalam said.

"With these capabilities, we're helping organisations shift from reactive security to autonomous resilience-enabling earlier threat detection and faster remediation while ensuring only trusted devices access critical resources," he said.

Related stories
Automotive microcontroller market set to hit USD $15.1bn
Vodafone & Google Cloud launch AI & security tools
ISACA launches AI risk certification amid governance gap
Turning security into a story: How managed service providers use reporting to drive retention and revenue
Barracuda spots 7 million device code phishing attacks

Top stories

AI tools widen cyber attack threat, Flashpoint warns
AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack