# 05\_OneAgent

**Prevention-First Endpoint Security**

BluSapphire OneAgent is a lightweight, prevention-first endpoint agent that provides deep visibility and control over your endpoints. It is designed to be silent and efficient, with a minimal performance impact (<1% CPU), while providing robust protection against a wide range of threats, including malware, ransomware, and fileless attacks.

<figure><img src="https://2078222076-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MMRHZBPHlLDUc8519fX%2Fuploads%2F1YNucQY6XA9quovcVXok%2FOneAgent01.png?alt=media&#x26;token=b0f0aced-495f-433f-9445-1389a42ee7a2" alt=""><figcaption></figcaption></figure>

## Key Features

* **Prevention-First:** OneAgent focuses on preventing threats before they can execute, with a 99.9% prevention rate.
* **Lightweight & Efficient:** A single, lightweight agent with a minimal footprint (<1% CPU, <20ms block time) that doesn't slow down your endpoints.
* **Deep Visibility:** Provides deep visibility into endpoint activity, including process execution, file system changes, and network connections.
* **Cross-Platform Support:** Supports a wide range of operating systems, including Windows, macOS, and Linux.
* **Integrated with OnePlatform:** Seamlessly integrated with the BluSapphire OnePlatform, providing a single pane of glass for endpoint security and security operations.

{% hint style="info" %}
Integrated with OnePlatform: single pane of glass for endpoint security and security operations.
{% endhint %}

## How It Works

<details>

<summary>Overview</summary>

OneAgent is deployed to your endpoints and continuously monitors for malicious activity. When a threat is detected, it takes immediate action to block it and sends detailed telemetry to the SIEMless™ engine for further analysis and correlation. This tight integration allows for a rapid, coordinated response to threats across your entire environment.

</details>

## Benefits

{% columns %}
{% column %}

* **Stop Threats at the Source:** Prevent attacks before they can cause damage.
* **Improve Endpoint Performance:** Eliminate the performance drag of bloated, legacy endpoint security solutions.
  {% endcolumn %}

{% column %}

* **Gain Complete Visibility:** Understand what's happening on your endpoints and detect threats that other tools miss.
* **Simplify Endpoint Security:** A single agent, a single console, a single platform for a simplified and more effective endpoint security posture.
  {% endcolumn %}
  {% endcolumns %}