Introducing the Coro Agent

The Coro Agent provides protection for Windows and macOS endpoint devices.

The Coro Agent communicates with the Coro backend service by providing monitoring data from devices and receiving instructions in cases where automated remediation is not enforced. The Coro Agent is autonomous and functions independently of whether or not connectivity to the Coro service is available at the time.

The Coro console (frontend) connects to the backend via a private API and controls information and commands transferred to and from cloud applications and Coro Agents to the backend. These three components form the basis of the Coro cybersecurity platform.

The Coro Agent operates similarly to other antivirus applications: it compares the hashes of downloaded files to public databases of previously checked viruses; if they match, Coro quarantines the file. Additionally, the Coro Agent can identify system vulnerabilities. For example, it verifies that the computer is protected by a password and that Developer Mode remains disabled, see Device posture configuration overview.

Ensuring device protection is critical, especially as compliance requirements often mandate encrypting all internal and external device drives used within an organization. The Coro Agent, through policy definition in the Coro console, actively aids organizations in monitoring, protecting, and ensuring compliance for the endpoint devices utilized by their employees.

The Coro Agent is in your device's system tray or menu bar:

The Agent has three sections:

• Notifications about the Agent and your device:

  

• VPN connection and details, if the Network module is enabled. For more information, see connect a device to the VPN
• General information, such as your Coro Agent version, workspace, and enrollment code:

  

To learn more about deploying the Coro Agent, see the following guides:

• Deploying Coro on Windows endpoints
• Deploying Coro on macOS endpoints