Summary of features

Version 2.0 of SES Evolution offers the following features.

SES Evolution 2.0 features

Protection
Memory overflow, Process hollowing, Security token theft, File system bypass, Keylogging: Protects your pool from intrusion attempts and vulnerability exploitation.
File access control, Registry base access control, Memory access control, Execution control: Controls all system resources and access to them. Allows applications to change or access these resources, or blocks them. You can also simply monitor them.
Driver loading detection, Driver alteration detection: Detects rootkits that attempt to load or change drivers in the kernel.
Application firewall: Controls incoming and outgoing network communications for each application.
Wi-Fi access point control: Manages allowed Wi-Fi networks and prevents the Wi-Fi-LAN bridge from being set up.
Floppy disk or CD/DVD drive control, serial ports, Bluetooth device control, USB device control: Controls devices allowed in your pool through fully customizable rules.
USB decontamination air gap: Controls the USB keys and hard disks in your pool, manages trusted devices and blocks devices that have not been validated.

Configuration
Management via agent groups: Organizes your pool according to your requirements through a simple but powerful system of agent groups.
Configuration deployment: Deploys new configurations in all agents with a single click in the administration console.
Stormshield security policy: Protects your pool with a default policy that covers common threats and adds custom security rules to fully adapt the policy to your environment.
Context-based security policies: Adapts security to agents’ environment so that they apply different policies based on their location.
Policy management through rule sets: Pools security rules in your policies and manages exceptions easily.
Scheduled tasks: Runs commands on agents by configuring scripts from the administration console.
Agent modularity: Manages features installed on each agent from the administration console: uninstall unused features, delete incompatible versions and reduce the attack surface.
Challenges: Allows some operations to be performed securely through a question/response system.
Simultaneously connected administrators: Organizes your administrators by role to manage simultaneous access to various resources on the administration console.

Activity monitoring
Dashboard: See the status of your pool at a glance with a simple dashboard.
Log tracking: Views events that agents raise, filtering them by priority, type, group, etc.
Attack analysis: Follows incidents and analyzes attacks in a dedicated panel that illustrates steps in charts and provides additional information to better understand each attack.
Agent monitoring: Tracks the pool’s agents in real time, checks their status and assigns them to groups.
Syslog server export: Exports all events to your SIEM system to include them in your other sources of security information (firewall, antivirus, etc.).