Introducing the Coro Agent

The Coro Agent provides protection for Windows and macOS endpoint devices.

The Coro Agent is autonomous and operates without relying on connectivity to the Coro service.

The Coro Agent operates in real-time, scanning files whenever a user or process attempts to access them. If a file is identified as malicious, Coro quarantines it.

The Coro Agent includes an additional layer of protection called advanced threat control (ATC). ATC provides real-time monitoring by analyzing processes for known and potential threats and blocks any processes exhibiting suspicious behavior.

The Coro console (frontend) connects to the backend via a private API and controls information and commands transferred to and from cloud applications and Coro Agents to the backend. These three components form the basis of the Coro cybersecurity platform.

Endpoint Agent Architecture

The Coro Agent operates similarly to other antivirus applications: it compares the hashes of downloaded files to public databases of previously checked viruses; if they match, Coro quarantines the file. Additionally, the Coro Agent can identify system vulnerabilities. For example, it verifies that the computer is protected by a password and that Developer Mode remains disabled, see Device posture configuration overview.

Ensuring device protection is critical, especially as compliance requirements often mandate encrypting all internal and external device drives used within an organization. The Coro Agent, through policy definition in the Coro console, actively aids organizations in monitoring, protecting, and ensuring compliance for the endpoint devices utilized by their employees.

The Coro Agent is in your device's system tray or menu bar:

Coro icon

The Agent has three sections:

  • Notifications about the Agent and your device:

    Agent notifications

  • VPN connection and details, if the Network module is enabled. For more information, see connect a device to the VPN
  • General information, such as your Coro Agent version, workspace, and Coro device ID:

    Agent information

note

The Coro Agent supports multi-user functionality on both macOS and Windows devices, ensuring seamless UI and information collection across different user accounts, including during fast user switching.

To learn more about deploying the Coro Agent, see the following guides: