Cybersecurity software maker Bitdefender threw its hat into the extended detection and response (XDR) ring Thursday with a native offering it is calling GravityZone XDR. The product is designed to get security teams up and running out of the box, with features that include:
- Rapid, cross-correlation threat detection, which uses modern mathematics and threat behavior models to detect advanced threats, initial attack stages, and anomalous application and identity behaviors
- Automated threat identification and prioritization, which uses a built-in incident advisor for root cause and threat context analysis, allowing security teams of any size and skillset to view threat detections, understand a threat’s impact on operations, and take recommended actions to contain or eliminate threats—all from a single view
- Recommended threat response actions that can be resolved across endpoints, identities, email, cloud, and applications, with a single click
Bitdefender also worked on making these features easy to use. “Security technology can seem overwhelming to a security analyst, let alone a layperson, so we built the user interface hand-in-hand with our customers through an early access program,” explains Bitdefender vice president for product and technical marketing Amy Blackshaw. “Customers partnered with us day in, day out, not just on capabilities and problems they were trying to solve, but on how they wanted to consume information from a UI and UX perspective. What that has led to is a very intuitive design.”
XDR built on existing cybersecurity investments
“In the journey to XDR, businesses want to build upon their existing cybersecurity investments,” Michael Suby, a vice president of research at IDC, said in a press release. “They also want XDR to produce tangible results, such as reducing attacker dwell time and improving SOC efficiency. By adding features like pre-built detections into sensors (minimizing custom detection writing), root cause analysis, and alert prioritization, Bitdefender is hitting both objectives.”
Mahmood Haq, CISO at MyVest, a wealth management firm, also praised Bitdefender’s product. “GravityZone XDR excels at connecting and correlating incidents over time throughout our entire operations, and we experienced immediate value,” he said in a press release. “The benefit of having a single-vendor solution with out-of-the-box detection capabilities for identifying and investigating known and unknown threats and providing our analysts with the knowledge of what and how an incident happened with the best ways to respond cannot be overstated.”
Native XDR controls what’s coming into the system
Many of the implementations right now are native XDR, which uses the vendor’s toolset, observes Forrester Analyst Allie Mellen. “That makes a lot of sense because the challenge of integrating other tools from another third-party ecosystem are the same as those we’ve seen with SIEM,” she says. “Once you start trying to optimize for flexibility and modularity, it becomes difficult to control the quality of protection and to continuously provide detection.”
“Native XDR has taken hold with a lot of vendors because it allows them to control what’s coming into the system and what’s going out of the system so they can optimize detection,” Mellen adds.
The alternative to native XDR is open or hybrid XDR. “An open XDR vendor is focusing on the security analytics layer, but doesn’t own the downstream security stack,” Blackshaw explains. “They work through integration of other vendors’ technology, usually through alliances or an ecosystem of security vendors.”
A positive aspect of hybrid XDR is that it has the potential to mix best-of-breed applications with its offering. “But,” Mellen notes, “purchasers aren’t as concerned about going for best of breed as they once were, and most of the vendors offering the platform approach already have the best tools on the market.”
Copyright © 2022 IDG Communications, Inc.