Athena EPP offers pre-event, during-event, and post-event services based on its four capabilities: discovery, detection, defense, and response.

Discovery: Provides pre-event risk assessment capabilities, including fingerprint-based asset inventory, shadow asset discovery, vulnerability patch management, security compliance check, exposure surface analysis, application/system/account risk assessment, security enhancement, and USB device control.

Detection: Provides threat detection capabilities, including funnel-style detection, AI-powered Sangfor Engine Zero, ransomware defense, advanced threat prevention, application behavioral profiling, and abnormal behavior identification.

Defense: Provides defense capabilities, including secondary authentication, micro-segmentation, virtual patching, vulnerability remediation, and automatic fix of viruses, ransomware, web shells, and brute-force attacks.

Response: Provides fundamental response capabilities, including process, DNS, IP address blocking, and file and host isolation. Integrate Athena EPP with other network security products, offering capabilities such as closed-loop threat fix, threat investigation, attack tracing, defense enhancement, and threat hunting.