Endpoint Detection and Response
Extended threat detection, focused investigation and effective response

The New EDR: eXtended Endpoint Detection and Response (XEDR)

Cyber-criminals are growing ever more sophisticated and today’s advanced attacks are increasingly difficult to detect. Using techniques that individually look like routine behavior, an attacker may access your infrastructure and remain undetected for months, significantly increasing the risk of a costly data breach
The new Endpoint Detection and Response capability from Bitdefender extends EDR analytics and event correlation capabilities beyond the boundaries of a single endpoint, to enable you to deal more effectively with complex cyber attacks involving multiple endpoints
This cross-endpoint correlation technology combines the granularity and rich security context of EDR with the infrastructure-wide analytics of XDR (eXtended Detection and Response). By providing threat visualizations at organizational level, XEDR helps you focus investigations and respond more effectively
EDR is available as a standalone solution that complements your existing endpoint protection solution or as a fully integrated endpoint protection platform

? What are the benefits of Bitdefender EDR security

Maximum Efficiency

Easy-to-deploy, low overhead agent with cloud-delivered management

Unique human and endpoint risk analytics supply actionable advice to improve your security posture and reduce risk

Flexible, scalable and upgradeable to the full Bitdefender endpoint protection platform and to managed detection and response (MDR)

Focused investigation and response

Easy-to-follow built-in response workflows enable you to respond efficiently, limit lateral spread and stop ongoing attacks.

Threat visualizations at the organizational level focus your investigations, help you understand complex detections, identify the root cause of attacks and help you respond quickly

Automated alert prioritization with one-click resolution capabilities

Industry-leading detection

Enhanced threat detection and visibility that enables the strengths of XDR for protecting endpoints

Full visibility of the techniques, tactics and procedures (TTPs) being used to attack your systems

Comprehensive search capabilities for specific indicators of compromise (IoCs), MITRE ATT&CK techniques and other artifacts to discover early-stage attacks

Report and Alert

Determine Risk – Continuously analyses human and endpoint risk using hundreds of factors to uncover and prioritize configuration risks to all your endpoints. Helps identify and provides guidance on mitigating user, network and system risks

Real-time dashboards – Deliver insights into the security posture of your environment

Comprehensive reports – Provide the information you need to measure impact on the business

Notifications – Configurable dashboard and email notifications

SIEM Integration and API Support – Supports further integration with Splunk and other tools

Investigate and Respond

Indicators of Compromise (IoC) Lookup – Query the events database to uncover threats. Uncover MITRE ATT&CK techniques and indicators of compromise. Up to the minute insight into named threats and other malware that may be involved

Visualization at the organization level – Comprehensive and easy-to-understand visuals of adversary actions, enriched with context and threat intelligence, highlight critical attack paths, easing burdens on IT staff. Helps identify gaps in protection and incident impact to support compliance

Detonation – Operator-instigated sandbox investigation helps you make informed decisions on suspicious files

Blocklist – Stop the spread of suspicious files or processes detected by EDR to other machines

Process Termination – Instantly terminate suspicious processes to stop potential live breaches

Network Isolation – Block connections to and from endpoint to stop lateral movement and further breaches while investigating incidents

Remote shell – Execute remote commands on any workstation for immediate reaction to ongoing incidents

Detect

eXtended Endpoint Detection and Response (XEDR) – This cross-endpoint correlation technology takes threat detection and visibility to a new level by applying XDR capabilities for detecting advanced attacks involving multiple endpoints in hybrid infrastructures (workstations, servers or containers, running various OS).

Cyber Threat Analytics – Cloud-based event collector continuously distils endpoint events into a prioritized list of incidents for additional investigation and response.

Event Recorder – Continuous endpoint event monitoring that feeds events to threat analytics to build threat visualizations of the events involved in an attack.

Sandbox Analyzer – Automatically executes suspicious payloads in contained virtual environment. The threat analytics module then uses this analysis to make decisions on suspicious files.

? How does Bitdefender EDR Security work

Bitdefender EDR is natively a cloud-delivered solution with full support for on-premises deployments. EDR agents are installed on all your organization’s endpoints. Each EDR agent has an event recorder that continuously monitors the endpoint and securely sends insights and suspicious events to the GravityZone platform

In Gravity Zone, the Threat Analytics module collects and distils endpoint events into a prioritized list of incidents for additional investigation and response. It sends suspicious files for detonation in the Sandbox Analyzer then uses the sandbox verdict in EDR’s incident reports. The EDR real-time dashboard can be accessed from any device to enable administrators to see alerts and visualizations, then investigate and respond effectively to threats

צור קשר עם נציג
Multipoint Group

השאר פרטים וניצור קשר בהקדם