Absolute Secure Endpoint is one of our company’s core product lines, which leverages the unbreakable connection provided by Absolute Persistence® to enable IT and security personnel to monitor and address computers' problems and enables the computers and their mission-critical applications to self-heal. This helps with IT management, strengthening a company’s security posture, and maintaining compliance.
The Absolute Secure Endpoint product portfolio contains a variety of product packages:
Other variants, such as Absolute Resilience for Student Devices, may be offered to meet particular use cases or geographic market needs.
Absolute Visibility is the entry service tier in the Absolute Secure Endpoint portfolio. Absolute Visibility collects data about the endpoints' location, security posture, and hardware/software inventory. It provides analysis of software and hardware utilization and identifies potential failure points and suspicious use patterns.
Absolute Control is the mid-service tier in the Absolute Secure Endpoint portfolio. Absolute Control adds to Absolute Visibility’s capabilities to control endpoints over the Internet, allowing for critical functions such as remote file deletion and data wipe, freezing devices on demand when at-risk, end user messaging, as well as establishing geo-fences and alerts.
Absolute Resilience is the top service tier in the Absolute Secure Endpoint product portfolio and the most popular package among customers. Compared to Absolute Control, it adds further capabilities to secure endpoints from threats and vulnerabilities, respond to security breaches and incidents, and enable Application Resilience to automatically monitor and detect unhealthy applications and automatically heal them.
Absolute Ransomware Response is a stand-alone offering, which provides capabilities and services to assess an organization's ransomware preparedness and cyber hygiene across endpoints; ensures mission-critical security applications such as anti-malware and device management tools remain healthy and capable of self-healing; and expedites the quarantine and recovery of endpoints if a ransomware attack occurs.
Customers can easily upgrade/downgrade their service subscriptions between Absolute Visibility, Control, and Resilience. Capabilities are additive and enabled via a software license key.
Absolute Ransomware Response is offered as a stand-alone solution primarily for security-conscious customers. Add-on options are offered for Absolute Control and Resilience customers. Absolute Ransomware Response customers can later easily expand their capabilities by changing their subscription to the Absolute Resilience service tier.
Absolute can be purchased through leading device manufacturers, resellers, and distributors. Contact us and we would be happy to help you with this process.
Absolute Secure Access is one of the company’s core product lines, which was added through the acquisition of NetMotion in July 2021. The product portfolio provides resilient network connectivity for users to securely access critical resources in the public cloud, private data centers, and on-premises. These products allow users to transition from traditional VPN to a resilient Zero Trust approach, without impairing productivity or admin controls.
Absolute Secure Access encompasses three products:
Absolute Secure Access packages are offered in two flavors, Absolute Core™ and Absolute Edge™ (formerly called Complete) with the included products as outlined below. Regional variations might be available.
Customers can easily upgrade their subscription between Absolute Core and Absolute Edge. Capabilities are additive and enabled via a software license key.
Absolute Secure Access supports Apple® iPad and iPhone devices (iOS 11 and later), Apple MacOS (10.13 and later), Android devices (running on Android 5.0 or later), Android for Work, Samsung KNOX, Windows Pro Tablets, laptops, and other devices running Windows 8, 10, and 11.
Absolute Ransomware Response enables customers to assess their ransomware preparedness for endpoints, monitors their endpoint cyber hygiene across the device fleet, and allows for an expedited endpoint recovery leveraging Absolute’s always-on connectivity, automated restoration capabilities for key security and management tools (e.g., Microsoft® Endpoint Manager, Ivanti®, Tanium™, SentinelOne®, CrowdStrike™), and library of Absolute Reach scripts.
Absolute Ransomware Response addresses the following negative consequences when it comes to falling victim to a ransomware attack and facing delays in recovery efforts for endpoints:
The Absolute Ransomware Response product delivers the following capabilities:
At the beginning of the engagement, a professional services technical consultant will review the existing standard security controls across endpoints, identifying key controls (e.g., anti-virus/anti-malware, endpoint protection, or endpoint detection and response solutions) and device management tools that are required to minimize ransomware exposure and assure expedited recovery efforts.
At the beginning of the engagement, a professional services technical consultant will help establish application resilience policies to ensure that identified mission-critical security applications and device management tools are installed and functioning as intended. In addition, a professional services technical consultant will train customer personnel on how to continuously monitor application health and apply these baseline policies to new devices as they are enrolled.
A professional services technical consultant will remotely help in endpoint recovery efforts for up to two incidents per year, following a pre-defined playbook and leveraging the existing Absolute product capabilities.
Absolute Ransomware Response is available on Windows devices only since it is the most common OS-target for ransomware attacks.
Absolute Ransomware Response yields the following benefits:
The Absolute Ransomware Response Add-On for Control customers delivers Ransomware Readiness Check, Ransomware Cyber Hygiene Enablement, Ransomware Recovery Assistance, Reach, Endpoint Data Discovery, as well as Self-Healing for one management application (e.g., Microsoft SCCM, Microsoft Intune) and one anti-malware application.
The Absolute Ransomware Response Add-On for Resilience customers delivers Ransomware Readiness Check, Ransomware Cyber Hygiene Enablement, and Ransomware Recovery Assistance.
The Absolute platform is a cloud-based Endpoint Visibility and Control solution that allows you to see all your devices and apps, secure your data, and prove compliance.
Computrace is a former product and brand of Absolute’s, superseded in 2015. The Absolute platform includes newer and enhanced versions of the device tracking capabilities of Computrace, plus numerous new capabilities to help with security and compliance. This includes the ability to remotely execute scripts on devices, scan for sensitive data, and self-heal critical third-party applications. The Absolute platform provides all the popular features of Computrace and much more.
LoJack for Laptops is a former product and brand. Device tracking and recovery features are available for individuals via Absolute Home & Office, and for businesses/schools via the Absolute products listed above. LoJack® is a registered trademark of CalAMP.
Application Persistence is a feature of Absolute Resilience that provides embedded, self-healing capabilities to third-party endpoint controls, such as VPN, anti-virus, encryption, systems management, and other critical applications.
Virtually any app can be automatically reinstalled, regularly checked for version control & integrity, and IT teams alerted the moment anything abnormal occurs.
Application Persistence works with devices on or off your corporate network, and, as Persistence technology is embedded at the factory, it can’t be compromised.
Absolute can be purchased through leading device manufacturers, resellers, and distributors. Contact us and we would be happy to help you with this process.
Yes. Absolute only requires that the device has an internet connection to communicate with the monitoring center. This allows for communication even when devices are not connected to your corporate network.
Yes. Absolute is used by many customers to track and manage all of their devices, data, and apps. This extends beyond traditional IT asset management with analytics to provide Asset Intelligence.
Yes. Whether its GDPR, HIPAA, or other internal or regulatory requirements, Absolute provides current and historical information on the status of the device, including configuration, health of security controls, and presence of sensitive data. Absolute also provides remote remediation capabilities to protect data and secure devices, all helping to maintain and prove compliance. Learn more about how Absolute can help your organization prove compliance.
Many organizations use Absolute to replace existing IT asset management tools and processes, and to supplement many popular security and device management solutions, such as Microsoft SCCM, Microsoft Intune, VMWare Workspace One, MobileIron, and more.
Absolute can be used to report on the health of — and fill gaps in — these applications. Popular complementary features include: self-healing critical security controls, identifying sensitive data, and providing visibility into devices not managed by other solutions.
The Absolute® Platform leverages a cloud-based, highly-available and secure multi-tenant architecture that is available across different regions. It’s comprised of a variety of foundational components that power Absolute product features that are being leveraged by the company’s enterprise customers and ecosystems partners (e.g., independent software vendors, original equipment manufacturers, or managed service providers) alike.
The Absolute Platform consists of three core components:
Absolute Persistence® technology, a unique, patented technology is already embedded in over 600 million devices as a result of Absolute’s partnership with nearly 30 system manufacturers from around the world. Once activated, this technology is fiercely resilient and is the only solution to survive attempts to disable it, even if the device is re-imaged, the hard drive is replaced, or the firmware is updated.
No other technology can do this. Ultimately, it provides a secure, unbreakable, and always-on connection between the Absolute Platform and the endpoint, allowing you to gain unprecedented real-time visibility, control, and remediation capabilities.
The Absolute Platform utilizes two types of patented Absolute Resilience™ technology to ensure that mission-critical applications remain healthy and operational and to provide end users with the most productive, as well as optimized remote access experience possible:
Absolute ensures a digital tether to each device remains intact, providing you with reliable insights and intelligence from all of your endpoints to the network edge — on or off your corporate network.
Hundreds of data points are gathered and served up as insights, providing guidance on utilization, health, security and compliance posture, as well as a unified view into the entire end user experience. Applying AI-based risk assessment and user entity behavior analytics lets you go beyond the monitoring of resources and applications, allowing for automated remediation and uncompromised user productivity.
Other foundational components of the Absolute Platform that enable the Absolute Secure Endpoint™ and Secure Access™ products are as follows:
Customers can leverage the Absolute Platform components through Absolute’s packaged products, APIs, and SDKs. The result will be rapid innovation. The Absolute Platform is always included in the product package of choice.
Absolute Insights for Endpoints offers IT administrators and security practitioners historical device and security trends across their endpoint environments in order to manage endpoints, maintain end user experience, and adhere with internal policies or compliance requirements for the work from anywhere environment. The product enables IT and security practitioners to build custom dashboards according to their organization’s business or compliance needs, perform data aggregations, and run queries to identify and respond to anomalies.
Absolute Insights for Endpoints is available for purchase as an add-on module. It requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. Contact Absolute Sales to learn more.
Absolute Insights for Endpoints is available in three distinct SKU offerings with 30-, 60- and 90-day data storage increments. The higher data storage options are recommended for those customers requiring greater device data point retention due to the variety of IT and security use cases they want to cover/investigate.
Once purchased, your Absolute Insights for Endpoints licenses can be configured and activated through the “Policies” section of the Absolute Console. As the product is an add-on module, its licenses must be tied to base licenses for an active subscription to either the Absolute Visibility, Control, or Resilience service tier. The Absolute Insights for Endpoints add-on licenses can either be assigned to a single policy group or distributed among multiple policy groups, as long as they are tied to base licenses that are distributed similarly as well.
Absolute Insights for Endpoints caters to a variety of IT and security use cases, enabling practitioners to manage devices, maintain end-user experience and comply with internal policies or regulatory frameworks. Examples include tracking software rollouts and usage, proactively identifying hardware issues such as battery health or memory usage, monitoring OS patch and version status, ensuring the health of core applications such as anti-malware and VPN, and identifying vulnerable devices based on geolocation and sensitive data storage, or other risk factors.
Absolute Insights requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. In addition, obtaining insights into various IT and security trends is dependent on the activation of the following policies through the Absolute Console. Note that the availability of these policies may differ based on service tier. • Hardware: captures a variety of asset inventory details across devices
It can take up to 30 minutes for data from your Absolute console account to be populated and made available to view through the Insights for Endpoints dashboards.
This varies across different Absolute features. For features that already have historical data captured through the Absolute console (e.g. Geolocation Tracking), Insights for Endpoints will populate relevant dashboards to showcase historical trends for the last 30, 60 or 90 days, depending on the add-on SKU purchased.
For features that have static data available through the Absolute console (e.g. Hardware or Full-Disk Encryption Status), data will be stored and populated through the dashboards from the day Insights for Endpoints is configured and activated through policies to showcase historical trends.
Customers can customize dashboards by choosing from a number of visualization types (e.g., table, pie, bar, line chart, etc.), modifying the applicable time period (e.g., month, week, day, or hour) and adding targeted filters (e.g., devices, apps, users, etc.) to gather insights based on specific needs.
Examples of scenarios where leveraging filters to acquire specific device or security related information might be helpful, includes the following:
Customers can indeed aggregate multiple datasets through targeted commands such as sum, count, mean, median, top values, etc. to identify anomalies and potential device or security risks to ensure they don’t develop into more serious events.
Absolute Insights for Endpoints offers a growing library of pre-built dashboards to help customers get started with the product and make use of a variety of asset- and security-related historical visualizations. Examples of the pre-built dashboards available include the following.
IT Dashboards
Risk and Compliance
Privacy and Data Risk Dashboards
Dashboards can indeed be shared with others in the organization by generating and sharing permanent links, .PDF reports, or .PNG reports. Absolute Insights for Endpoints offers this capability through the “Share” capability located in the top right-hand corner of the Absolute Console.
New dashboards can be built based on previously built ones using the “Clone” function available in the top right corner of the Absolute Insights for Endpoints Console. Once a dashboard is cloned, it can be tweaked as needed to align with its specific requirements.
Raw datasets that form dashboards can be downloaded as .CSV files to be viewed through other data aggregation and analytics tools.
Absolute Persistence® is unique, patented technology embedded in the firmware of 600+ million devices that provides a secure, unbreakable, and always-on connection between the Absolute Platform and the endpoint. The Persistence technology is installed in the firmware of most endpoint devices at the factory. Each device leaves the factory with the Persistence technology in place, waiting to be activated. Activation occurs when a customer purchases an Absolute product that supports Persistence and installs the necessary software agent.
Persistence technology is factory-embedded into the core of most endpoint devices. Once activated, it gives you unrivalled visibility and control to confidently manage your endpoints, protect at-risk data, as well as investigate and remediate potential threats. Persistence is the only firmware-embedded solution that will survive attempts to disable it, even if the device is reimaged, the hard drive is replaced, or the firmware is updated.
Through our partnership with system manufacturers, the Persistence technology is embedded in the firmware of endpoint devices at the factory. Persistence leverages Absolute’s secure channel from the cloud-based console down to the firmware. In doing so, it maintains an always-on digital tether between device and Absolute Console, ensuring two-way communication so you can reliably query information and run actions remotely.
Persistence technology remains dormant in the firmware until the Absolute Agent is installed. Once the Absolute Agent is installed, it initiates a call to the Absolute Platform and Persistence is then activated. This means that the status of the software agent is monitored and if it is missing, a reinstallation will automatically occur.
All Absolute products support Persistence technology. The software agent is installed on computers in the operating system by running an installer or when the device is imaged. The software agent sends information from each device to the Absolute Platform for IT administrators and security professionals to assess risks and to take appropriate action.
The Absolute Agent makes regularly scheduled calls over the Internet to the Absolute Platform, where customers access their account via the cloud-based Absolute Console. Telemetry collected includes device, data, application, and user information. Customers can define conditions and receive alerts if the conditions occur, allowing them to respond immediately to any potential security incident. The software agent also supports remote actions such as the running of scripts through Absolute Reach™ and self-healing of critical security applications through Application Resilience™.
No. If the Persistence technology has been enabled, the self-healing capability will repair the Absolute Agent, or any other applications supported by Application Resilience™. The computer will still be protected. The enable/disable state of the Persistence technology is stored in a part of the BIOS that cannot be flashed to remove it.
The communication between the software agent and the Absolute Platform is encrypted. Optionally, you can also enable FIPS-140 certified communication. The Federal Information Processing Standard (FIPS) Publication 140-2 is a US government security standard that specifies the security requirements for cryptographic modules protecting sensitive information. The National Institutes of Standards and Technology (NIST) publishes the list of vendors with validated FIPS 140-1 and 140-2 cryptographic modules. The Absolute Encryption Engine is validated FIPS 140-2.
Absolute provides two main components that get integrated with the installation utility for your product. Additionally, we also provide a standalone installer that is self-contained and will enable Absolute’s Persistence technology without any additional integration work required on your end. Depending on which way you choose to proceed, the overall development, integration and testing of APaaS usually runs anywhere from 2-4 weeks. Once you’ve become a partner, we will provide an Absolute APaaS Partner Success guide that outlines the steps involved regarding integration and launch.
Absolute APaaS vendors get quarterly standardized reports on the performance of their products in the field and additional analytics.
Every time there is a new version of your product it must be sent to Absolute in order to keep it current. Detailed steps are outlined in the Absolute APaaS Partner Success guide.
We are currently working with the following organizations and certifications are currently in progress:
Absolute APaaS data collection is anonymized and does not collect Personal Identifiable Information (US standard). Furthermore, encryption of the data is enabled. As part of providing Self-Healing for partner applications, Absolute collects and analyzes data in for the following categories:
The Absolute Computrace Agent is a piece of software that is packaged with Absolute’s Persistence technology embedded in over 1 Billion devices. The agent provides for visibility and control of the device by creating a digital tether between the device, and the Absolute Monitoring Center.
Log into the Absolute console and go to Assets > Devices. In the report, go to the settings area and edit columns in the report to show the Agent column. This column will report on the version of the agent that is deployed to devices under Absolute management.
Absolute manages the agent upgrade process as part of our service. If your device is regularly calling into the Absolute Monitoring Center then the upgrade to our latest agent will happen automatically. If you are still seeing an outdate agent on a device under management, contact the Absolute support team for assistance.
Collecting missing devices at the end of a school year is a stressful and time-consuming undertaking that often overwhelms school districts’ IT staff. The Absolute Missing Device Reclamation service includes a team of Absolute reclamation experts to track, locate, and secure devices, including contacting users to get devices back. Through regular communication channels with parents and students— combined with the ability to remotely manage, lock, and track a device with Absolute — our experts manage the entire process to minimize device loss and save time for IT teams.
Absolute Missing Device Reclamation service is either part of the Absolute Resilience for Student Devices offer or available for purchase as an add-on. For the latter, it requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. It’s available in North America only.
The Absolute Missing Device Reclamation service runs once per year for all devices licensed to Absolute Resilience for Student Devices or with Absolute Missing Device Reclamation Add-On, in North America only. Any additional instances require an Absolute Professional Services engagement. License pricing is based on one execution per customer per year.
Absolute will provide the following tasks once per year to support Customer missing device reclamation for devices identified by the Customer as missing:
To ensure the success of this professional services project, the Customer will be required to provide time and resources in pursuit of project goals, as well as accurate, timely, and complete information. Customer must ensure the following project constraints or assumptions are met:
Customer must undertake the following activities and tasks:
The Absolute Missing Device Reclamation Add-On SKU is available on Windows, Chrome OS, and Mac devices.
Yes, the Absolute Missing Device Reclamation Add-On service SKU can be added to other licenses (Visibility, Control, or Resilience) on non-student devices.
Absolute Insights for Endpoints offers IT administrators and security practitioners historical device and security trends across their endpoint environments in order to manage endpoints, maintain end user experience, and adhere with internal policies or compliance requirements for the work from anywhere environment. The product enables IT and security practitioners to build custom dashboards according to their organization’s business or compliance needs, perform data aggregations, and run queries to identify and respond to anomalies.
Absolute Insights for Endpoints is available for purchase as an add-on module. It requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier.
Absolute Insights for Endpoints is available in three distinct SKU offerings with 30-, 60-, and 90-day data storage increments. The higher data storage options are recommended for those customers requiring greater device data point retention due to the variety of IT and security use cases they want to cover/investigate.
Absolute Insights for Endpoints caters to a variety of IT and security use cases, enabling practitioners to manage devices, maintain end user experience and comply with internal policies or regulatory frameworks. Examples include tracking software rollouts and usage, proactively identifying hardware issues such as battery health or memory usage, monitoring OS patch and version status, ensuring the health of core applications such as anti-malware and VPN, and identifying vulnerable devices based on geolocation and sensitive data storage, or other risk factors.
Absolute Insights requires an existing subscription to either the Absolute Visibility, Control, or Resilience service tier. In addition, obtaining insights into various IT and security trends is dependent on the activation of the following policies through the Absolute Console. Note that the availability of these policies may differ based on service tier.
Customers can customize dashboards by choosing from a number of visualization types (e.g., table, pie, bar, line chart, etc.), modifying the applicable time period (e.g., month, week, day, or hour), and adding targeted filters (e.g., devices, apps, users, etc.) to gather insights based on specific needs.
Examples of scenarios where leveraging filters to acquire specific device or security related information might be helpful, includes the following:
Customers can indeed aggregate multiple datasets through targeted commands such as sum, count, mean, median, top values, etc. to identify anomalies and potential device or security risks to ensure they don’t develop into more serious events.
Absolute Application Resilience™ delivers the ability to monitor application health and automatically repair and/or re-install unhealthy third-party applications listed in the Application Resilience catalog to restore them to healthy operations.
Absolute Application Resilience leverages Absolute Persistence® technology already in embedded in over 600 million devices, to remotely remediate an application, making it resilient whether it is uninstalled, disabled, or corrupted. As a result, mission-critical applications running on the endpoint self-heal to maintain the endpoint’s security posture.
Application Resilience is currently available to the security industry ecosystem, including enterprises, security vendors (via Absolute Application Persistence-as-a-Service™ offering), and system manufacturers worldwide. Organizations of all sizes have already taken advantage of this technology to self-heal critical applications such as VPN, endpoint protection, device management, data protection, as well as other security and business applications.
The Absolute Agent must be installed on each endpoint to activate Application Resilience. Based on the specific software application to be made resilient and the policy determined by the administrator, the Absolute solution deploys policy files to the device to support the automatic, zero-touch remediation. Once setup is completed, Application Resilience will repair or reinstall the software agent and other critical application components whenever they are removed or tampered with on a device.
Here is how it works:
The remediation actions that the Application Resilience engine takes in cases of an unhealthy application can be summarized by the three following options. The administrator can choose any one of the three options when configuring the Application Resilience policies within the Absolute Console:
Currently, Application Resilience is supported on devices running Windows 7 and higher. The Absolute team continues to investigate methods to extend this capability to other desktop, laptop, and mobile platforms.
Application Resilience is available for all supported applications through an Absolute subscription. Application health reporting is available through Absolute Visibility or Control, while application remediation is available with Absolute Resilience.
Absolute is continuously adding to its catalog of supported applications. If you have a particular application that you would like to make resilient, contact Absolute Sales to make a request.
