Managed Security Services Provider
Product Brief

Managed Endpoint Suite:
Components and
Essential Automations

IT Professional

Table of contents

Endpoint Management
Datto RMM4
VSA 109
Endpoint Security
Antivirus — Datto AV12
Endpoint Detection and Response — Datto EDR14
Ransomware Detection — Datto RMM or VSA Ransomware Detection17
Managed Detection & Response — Degarmo MDR18
Advanced Software Management20
Endpoint Backup
Datto Endpoint Backup21
Endpoint Automations
Degarmo Managed Endpoint Essential Automations25

The Degarmo Managed Endpoint Suite redefines modern IT management with a unified platform that simplifies operations, strengthens security, and drives efficiency at scale. Designed to help IT professionals do more with less, it combines endpoint management, cybersecurity, backup, and automation into one seamless subscription with a single interface.


By eliminating tool sprawl and reducing manual workloads, the Degarmo Managed Endpoint Suite empowers your team to streamline service delivery, accelerate ticket remediation, and maintain stronger security hygiene through included core automations.


With intelligent workflows, centralized visibility, and cost-effective scalability, our Managed Endpoint Suite empowers organizations to proactively manage IT environments while delivering faster, smarter, and more reliable technology operations and support.

IT Professional
Endpoint Management
Datto RMM

Datto RMM gives Degarmo Technologies and IT teams complete visibility and control across every managed endpoint. From on-premises servers to cloud-hosted workloads, from Windows PCs to network devices, every asset is monitored, managed, patched, and automated from a single platform. As a true SaaS platform, it requires no infrastructure, delivers 99.99% uptime, and scales without a device limit. Every capability is policy-based, built to run automatically, and designed to grow with the environments we manage.

Core capabilities:

Secure, Scalable, and Always On

Datto RMM is built on a cloud-native architecture with mandatory two-factor authentication (2FA), routine penetration testing, infrastructure hardening, and active monitoring for unauthorized access attempts. The platform's scalability means there is no ceiling on the number of devices we can support, and its 99.99% uptime track record means the tool is never the reason your business goes unprotected.

Simple Onboarding, Easy Adoption

Datto RMM is built for rapid deployment and effortless usability, enabling technicians to become productive from day one. With pre-configured capabilities, an intuitive user experience, and guided in-product walkthroughs, teams can quickly navigate and maximize the platform with minimal learning curve. Comprehensive certifications, continuous training programs, and 24/7/365 direct-to-technician support provide the knowledge and assistance needed to drive long-term success.

"Sephno saved 20+ hours per month per technician using this platform, driving hard cost savings, doubling growth rate and reinvesting in staff and services."

Xavier King, Sephno

AI Activity Log Insights

Conversational AI built directly into Datto RMM transforms raw activity log data into actionable operational intelligence. Technicians can query logs using natural language to quickly surface root causes, identify trends across sites, and receive automation recommendations. Tasks that once took two to four hours each week can now be completed in under 15 minutes. Pre-built insight templates for common use cases such as patch compliance, deployment outcomes, and component execution enable faster troubleshooting and smarter decision-making.

AI Device Insights

A unified conversational interface with complete device context enables technicians to move seamlessly from alert to root cause to remediation without switching dashboards. Correlated insights reveal connections between device activity, alerts, and tickets, delivering faster and more informed troubleshooting. AI-generated summaries and in-context alert analysis help reduce diagnosis and resolution times by up to 50%.

Patch Management

Policy-based patch management for Microsoft and third-party software is automated and scalable, enabling teams to deploy updates efficiently across the entire environment. Patch schedules are centrally managed, compliance reports are generated automatically, and patch status is visible across every device from a single unified dashboard. Automated delivery of compliance data eliminates the need for manual report creation, saving time while improving visibility and consistency.

Automation and Scripting

Dynamic device targeting and a flexible scripting engine enable scalable, efficient service delivery automation across IT environments. Hundreds of free, pre-built scripts and automation policies can be deployed immediately, helping technicians streamline routine tasks and enhance efficiency.

Ransomware Detection

Datto RMM monitors endpoints for crypto-ransomware using behavioral analysis of file activity. When an infected device is detected, automated responses attempt to terminate the ransomware process and isolate the device from the network while maintaining RMM contact. Technicians can take immediate action and restore affected endpoints using integrated Datto Continuity products without requiring physical access to the device.

Remote Support

Deliver secure, high-speed remote access to any device, regardless of location. Datto RMM includes built-in HTML5-based remote control capabilities, along with a comprehensive suite of remote support and screen-sharing tools. Technicians can choose between silent, non-disruptive backend connections or interactive front-end screen sharing, providing the flexibility to work discreetly or take visible control when needed.

Real-Time Monitoring

Monitor servers, VMs, ESXi hosts, PCs, laptops, and network devices in real time from a single platform. Intelligent auto-responses help resolve common issues automatically or provide critical diagnostic information before action is required, reducing downtime and accelerating response times. Datto RMM includes 84 editable, best-practice monitoring policies for Windows, macOS, Linux, and SNMP-enabled devices.

Reporting and Dashboards

Configurable dashboards provide real-time visibility into device health, client status, and operational activity. Automated, client-facing reports covering patch compliance, security posture, and device health can be scheduled and delivered without manual effort. A robust REST API also enables seamless custom reporting integrations and secure data sharing with other business systems.

Microsoft 365 Management

Datto RMM integrates with Microsoft 365 to provide a comprehensive overview of tenants, users, and associated devices. Technicians can view, search, filter, and export Intune-enrolled devices across multiple client tenants from a single interface. Routine M365 tasks are automated directly from Datto RMM, including user onboarding/offboarding, shared mailbox creation, password management, role assignments, and license management.

Windows 365 Cloud PC Support

Datto RMM closes the gap for Windows 365 Business Cloud PCs by automatically deploying the RMM agent. Cloud PCs are then monitored, patched, and automated the same way as any other managed endpoint — part of a named Microsoft integration partner program.

Network Topology Mapping

Datto RMM continuously discovers and identifies every device on a client network, generates a visual layout of device connections, and surfaces network issues quickly. Network and IoT devices are covered alongside managed endpoints, giving technicians a complete picture of the environment.

Integrations and Open Ecosystem

Datto RMM and Autotask PSA are a unified platform with synchronized assets and full bi-directional sync of alerts with tickets. An open ecosystem maintains out-of-the-box integrations with a broad range of MSP and IT-centric solutions. The powerful REST API allows teams to integrate Datto RMM into other key business systems.

Supported PlatformsWindows, Linux, macOS, VMware, SNMP Devices
Uptime99.99% proven track record
PSA IntegrationNative Autotask PSA integration with full bi-directional alert and ticket sync
EcosystemPre-built integrations with PSA, antivirus, warranty, and documentation platforms. Open REST API
VSA 10

VSA 10 is a unified RMM that combines remote monitoring and management, software and patch management, executive reporting, and endpoint automation in a single platform. VSA 10 supports SaaS, on-premises, and hybrid environments and is designed for IT professionals who need comprehensive endpoint coverage without managing multiple tools.

VSA 10 reduces software overhead by consolidating remote control, patch management, executive reporting, and endpoint monitoring into one solution. Routine tasks, tickets, and maintenance work are automated, transforming reactive incident response into efficient and consistent workflows.

See what VSA 10 has to offer:

AI Workflows

Full AI workflow capabilities are available across VSA 10, including support for triggers that enable automated workflows to respond to events automatically. Technicians can build, schedule, and deploy AI-assisted automation workflows from a single interface, and run ad hoc automations or cancel running workflows as needed.

AI Assistant

An AI assistant built into VSA 10 helps technicians find answers, navigate the platform, and complete tasks faster using natural language. It reduces the time technicians spend searching for information or learning new platform features.

Role-Based Access Control

Comprehensive RBAC gives administrators granular control over access across the platform, covering multiple team memberships, organization-level access, content-sharing folder permissions, automation hub folder sharing, and global profile enforcement.

Device Management

MDM Enhancements

Mobile device management (MDM) capabilities have expanded significantly. App deployment for macOS and Android via MDM, iOS location tracking, device location history, MDM Remote View, and iOS app deployment are all available. MDM is a fully capable component of the VSA 10 platform for managing mobile, Android, and Apple devices alongside Windows endpoints.

Patch Management

Remote Management

Automation

Endpoint Security

Ticketing, PSA, and Documentation

IT Professional
Endpoint Security
Datto AV — Next-Generation Antivirus

Datto AV is a next-generation antivirus solution built to protect businesses against today's most advanced threats — and the evolving threats of tomorrow. Powered by AI and machine learning, it identifies and stops zero-day threats, polymorphic malware, and script-based attacks in real time. When combined with Datto EDR, independent Miercom testing confirms a 99.62% malware detection and stop rate, making Datto AV a foundational layer in any endpoint security stack.

Key features:

Next-Generation Antivirus Engine

Datto AV moves beyond signature matching to deliver proactive, AI-driven protection. Its cloud-based engine updates every 20 minutes, achieving a 98% detection and neutralization rate — more than double the industry average — for zero-day threats, incorporating the latest machine learning models and heuristics to detect zero-day exploits and polymorphic malware before they cause damage.

Comprehensive Real-Time Protection

Datto AV scans files in real time using advanced unpacking capabilities. Two core scanning components work in tandem:

DNS Filtering

Datto AV's DNS Secure feature intercepts domain-based attacks before they reach endpoints — in both HTTP and HTTPS traffic. Administrators can block risky site categories and prevent access to command-and-control servers and known malware hosts. Easy to set up, with granular control available when needed.

Seamless AMSI Integration

Native integration with the Windows Antimalware Scan Interface (AMSI) provides advanced protection against dynamic, script-based malware that evades traditional detection methods. This includes coverage for Microsoft Office VBA macros, PowerShell, JavaScript, and VBScript, helping close common attack vectors associated with fileless malware.

Automatic Quarantine and Comprehensive Remediation

When Datto AV identifies a threat, it automatically quarantines the affected endpoint by temporarily changing DNS records to isolate it from the rest of the network in sandbox mode, preventing further infiltration or lateral movement. No manual intervention required. The remediation engine goes beyond detection to fully clean infected systems, including the file system, host file, scheduled tasks, registry artifacts, and malicious WMI event subscriptions.

Efficiency Meets Performance

Security should not come at the cost of productivity. Datto AV maintains a small memory footprint, under 1 GB of disk space, and includes an internal monitoring system that continuously checks for performance impact. End users experience protection without slowdowns.

Native Integrations

Datto EDR — Endpoint Detection & Response
Supported PlatformsMinimum HardwareDisk Footprint
Windows & MacDual Core 1.6 GHz+, 2 GB RAM (4 GB recommended), 2 GB HDD (5 GB recommended), Intel x86 32-Bit / 64-BitUnder 1 GB

Datto EDR is an advanced endpoint detection and response solution built for lean IT teams that need enterprise-grade protection without enterprise-level complexity. It detects advanced, behavior-based threats that bypass antivirus software, enables fast response from a single console, and — when paired with Datto AV — achieves a 99.62% malware detection and stop rate, validated by Miercom.

Advanced Threat Detection

Designed for Lean Teams

Ransomware Detection and Rollback

Datto EDR includes ransomware detection at no additional cost, using behavioral analysis to identify crypto-ransomware in real time. When detected, it alerts teams, isolates the device, and attempts to stop the attack before it spreads.


With Ransomware Rollback, recovery is just as fast. Files can be restored to their pre-attack state in a single click, eliminating data loss, downtime, and manual rebuilds. Rollback uses custom mini-filter drivers — operating independently of Windows Shadow Copy (VSS) — meaning it remains available even when attackers deliberately target the recovery mechanism.

Smart Investigate: AI-Powered Alert Analysis

Behavioral alerts can take 10–30 minutes to investigate manually. Smart Investigate reduces that to seconds. Built into every alert, it generates a clear, structured summary of key metadata using AI.

Smart Insights

Smart Insights analyzes 30 days of alert data to deliver a clear, environment-wide risk assessment. Instead of reviewing alerts individually, it identifies patterns, highlights high-risk devices, and prioritizes what matters most. Output includes a quantified risk score, identification of high-risk and anomalous devices, threat hotspots, prioritized remediation actions, and noise reduction recommendations. An exportable presentation view makes it easy to share in executive business reviews and customer conversations.

Recent Platform Investments (Q4 2025–Q2 2026)

  • AMSI integration
  • ARM64 support
  • Bulk response actions
  • Redesigned UI
  • New report templates
  • Role-based access controls
  • Local behavioral analysis engine optimization
  • Endpoint user interface improvements
Ransomware Detection

Ransomware Detection is a native security layer built into both Datto RMM and VSA 10. It monitors endpoints for crypto-ransomware using behavioral analysis of file activity and alerts technicians the moment encryption begins — without waiting for a user to report the incident. Once detected, the solution attempts to stop the ransomware process and isolates the affected device from the network to prevent spread, while maintaining RMM contact so technicians can act remotely.

Key Capabilities

"The real-time threat detection and the proactive approach of the SOC have provided us with the peace of mind to focus on expanding our business without compromising on security."

Mitchell Kinard, Novum Energy
Security professionals
Degarmo MDR — Managed Detection & Response

Degarmo MDR delivers 24/7, AI-augmented, human-led detection and response across endpoints, Microsoft 365, and firewalls. SMB threats are accelerating while expectations for around-the-clock protection continue to rise — and lean IT teams cannot realistically build or staff a Security Operations Center to meet that demand. Degarmo MDR solves this by providing continuous monitoring and expert response so you can focus on running your business.

24/7 Human-Led SOC Monitoring and Response

Degarmo MDR's global SOC, operating around the clock, provides continuous monitoring, investigation, and expert-led response. Analysts validate threats and take immediate containment actions such as device isolation, account lock, and session revocation, with direct phone access available when needed.

AI-Augmented SOC for Triage and Investigation

Every alert passes through an AI layer that automatically triages, correlates activity, and filters noise before reaching a human analyst. This reduces false positives, accelerates escalation of real threats, and cuts mean time to investigate from 20 minutes to under five.

Automated Response and Containment

Predefined response actions enable threats to be contained immediately upon detection, without requiring manual intervention. Capabilities such as mass isolation, automated account actions, and rule-based workflows stop threats quickly while keeping teams in control.

Unified Coverage Across Endpoints, Firewalls, and Microsoft 365

Degarmo MDR monitors and responds across endpoints, firewall activity, and Microsoft 365 to cover the most commonly targeted SMB attack surfaces. It correlates threats across identity, device, and network layers so activity is connected and not missed between tools.

400-Day Log Retention and Reporting

Degarmo MDR includes 400 days of searchable log retention to support investigation, compliance, and threat hunting. Its reporting engine delivers complete, consistent reports without expiration limits, making them ready to share directly with your stakeholders.

Flexible Security Stack Integration

Degarmo MDR integrates with both native and third-party security tools, allowing us to support diverse client environments without forcing migrations. The MDR platform is EDR/AV agnostic, fitting right into your existing stack.

Advanced Software Management

Advanced software management extends the native software management framework inside Datto RMM and VSA 10 to cover 200+ out-of-the-box third-party applications. It provides the automation and visibility needed to keep every application in the estate patched and compliant, closing a meaningful category of vulnerability exposure without adding manual work to technician queues.

Third-party patching is a critical part of maintaining a secure environment. Unpatched applications are one of the most common vectors for cyberattacks.

Key Features

Application Coverage Includes

AudacityLibreOfficeTeamViewer Box DriveMicrosoft .NET FrameworkTight VNC Cisco Webex MeetingsMicrosoft Office 365UltraVNC DropboxOpenOfficeVMware Workstation Player/Pro EvernoteOpera BrowserWinRAR Google DriveRealVNC VNC ServerWinZip and more Jabra DirectSlack KeePass 2
Endpoint Backup
Datto Endpoint Backup
Professional with tablet

Datto Endpoint Backup protects Windows and macOS endpoints, servers, virtual machines, cloud instances, desktops, and laptops against data loss and disruption. Its direct-to-cloud architecture eliminates the need for on-premises appliances or additional hardware procurement, simplifying deployment and management.

Data is replicated to the immutable Datto Cloud every two hours using Inverse Chain Technology, ensuring each backup remains fully independent for faster, more reliable recovery. Organizations benefit from a streamlined recovery experience while limiting potential data loss to a maximum of just two hours of work.

For internal IT teams, Datto Endpoint Backup delivers consistent data protection across the entire estate with clear backup status reporting that supports compliance and audit requirements.

Feature overview:

macOS Support

Professionals reviewing data

Enterprise-Grade Protection

Rapid and Reliable Recovery

Backup Visibility and Reporting

Additional Capabilities

Windows SupportWindows Server 2022/2019/2016/2012 R2, Windows 11, Windows 10
macOS SupportmacOS 26.x, 15.x
Backup FrequencyEvery hour to the Datto Cloud
Recovery OptionsFile/folder, bare metal recovery, VM image export, vDisk Export
Storage Included5 TB shared pool, included with Degarmo Managed Endpoint Suite license
SecurityForced MFA on management portal, SSL encryption in transit
Endpoint Automations
Components and Essential Automations

Because the Degarmo Managed Endpoint Suite consolidates endpoint management, security, backup, and 24/7 MDR into a single platform, IT teams can automate workflows across every component that disconnected point solutions simply cannot. These are not integrations between separate vendors, but native cross-module automations powered by a unified platform, shared data layer, and centralized workflow engine.

Pre-built automations are available from day one with no custom scripting, integration overhead, or complex per-vendor configuration required.

#AutomationDescriptionImpactTime SavedHome Module
Ticket Remediation
1Endpoint shortcut for EDRDatto RMM web remote from Datto EDR hostsReduce clicks from an EDR detection alert to the affected device to verify the threat200 mins/monthDatto EDR
2Endpoint shortcut for AVDatto RMM web remote from Datto AV hostsReduce clicks from a Datto AV detection alert to the affected device to verify the threat200 mins/monthDatto AV
Service Delivery
3Alert trigger for EDR eventsDatto EDR security event collation into Datto RMM alertsCentralize alerts into the primary alerting module and consolidate events250 mins/monthDatto RMM
4One-deploy for RMM policyNative VSA 10 policy for Ransomware DetectionMinimize time configuring ransomware detection and response rules on endpoints50 mins/monthVSA 10
5One-deploy for Degarmo MDRMDR install and activation from Datto RMMProtect endpoints faster and reduce MDR deployment time10 mins/monthDatto RMM
6One-deploy for RMM ransomware policyNative Datto RMM policy for Ransomware DetectionMinimize time configuring ransomware detection and response rules on endpoints50 mins/monthDatto RMM
Customer Hygiene
7SmartLook for EDRDatto EDR events in Datto RMM dashboardMinimize clicks for basic health checks, ensuring security threat alerts and active agents show full client coverage50 mins/monthDatto RMM
8True-sync for EDR policyDatto EDR deployment through native endpoint security policy in Datto RMMProtect endpoints faster and reduce EDR deployment time50 mins/monthDatto RMM
9True-sync for organizationsDatto EDR location sync from Datto RMMOnboard onto EDR faster10 mins/monthDatto EDR
10One-deploy for patchingNative Datto RMM policy for third-party patchingMinimize time configuring patching rules during customer onboarding10 mins/monthDatto RMM
11True-sync for health statusDatto AV agent install and health status in Datto RMMMinimize clicks to confirm AV is running on all endpoints of a client environment10 mins/monthDatto RMM
12One-deploy for backup installEndpoint backup install and activation from RMMReduce deployment time and protect endpoints with backup faster10 mins/monthDatto RMM
13One-deploy for RMM 3PP policy (VSA 10)Native VSA 10 RMM policy for third-party patchingMinimize time configuring patching rules on endpoints10 mins/monthVSA 10
14One-deploy for ransomware detectionRansomware detection native deploy with EDRMinimize time to deploy ransomware detection and rollback on endpoints50 mins/monthDatto EDR
15SafeCheck for EDR activityDegarmo MDR monitoring for Datto EDRObtain clearer insight into suspicious activities affecting an endpoint250 mins/monthDegarmo MDR
16SafeCheck for AV activityDegarmo MDR monitoring for Datto AVObtain clearer insight into suspicious activities affecting an endpoint250 mins/monthDegarmo MDR
17True-sync for organizationsDatto EDR location sync from VSA 10Onboard onto EDR faster10 mins/monthVSA 10
18True-sync for EDR health statusUnified endpoint security with Datto EDR and VSA 10Minimize clicks to confirm EDR is running on all endpoints of a client environment10 mins/monthVSA 10
19True-sync for AV health statusUnified endpoint security with Datto AV and VSA 10Minimize clicks to confirm AV is running on all endpoints of a client environment10 mins/monthVSA 10
Professional smiling

One subscription.
Complete endpoint coverage.

The Degarmo Managed Endpoint Suite unifies endpoint management, security, backup, and 24/7 managed detection and response within a single subscription. Each component is purpose-built and natively integrated, sharing data, workflows, and automation capabilities in ways disconnected point solutions cannot replicate.

Whether managing your internal IT estate or serving as your dedicated technology partner, Degarmo Technologies empowers your organization to achieve more while reducing vendor sprawl, operational complexity, and the need for additional headcount.

"We tripled our gross margins compared to the segregated stack and services we had before. The improvement to our business performance has been pretty drastic."

Craig Staffin, BCS IS|IT

Why Degarmo Technologies

1. Cost Reduction

2. Massive Efficiency Gains

3. Operational Peace of Mind

Business professional

Unlock complete endpoint coverage
with Degarmo Technologies.

Degarmo Technologies is a veteran-owned Managed Security Services Provider delivering comprehensive IT and cybersecurity solutions built around reliability, integrity, and client success. We handle the complexity of IT and security so you can focus on what matters most.

Get Started at degarmo.tech

Degarmo Technologies  |  Oklahoma City, OK  |  Colorado Springs, CO  |  degarmo.tech

Veteran-Owned  ·  Founded 2018  ·  Microsoft Partner  ·  Lenovo Partner