Analytics and Correlation of Detected Threats Across Endpoints and Networks in Hybrid Environments Improves Security Efficacy Against Cyberattacks
Bitdefender unveiled the next evolution of Endpoint Detection and Response solutions – eXtended EDR (XEDR) with the addition of analytics and cross-endpoint security event correlation to Bitdefender Endpoint Detection and Response (EDR) and GravityZone Ultra, the company’s unified endpoint prevention, detection, and response and risk analytics platform. These new capabilities increase security efficacy for identifying and stopping the spread of ransomware attacks, advanced persistent threats (APTs), and other sophisticated attacks before they impact business operations.
With integrated detection and response across operating systems (Windows, Linux, Mac) and hybrid environments (public and private cloud, on-premises), Bitdefender delivers a comprehensive, real-time view for security operations, greatly improving the ability of organizations of all sizes, even those without full-time security analysts, to detect covert attacks that would go unnoticed by analysis and detection on individual endpoints in isolation.
Sophisticated attacks designed to evade security technology detection often mimic ‘normal’ processes or execute in multiple stages through multiple vectors including endpoints, networks, supply chains, hosted IT and cloud services. Bitdefender XEDR thwarts complex attacks by ingesting, examining, and correlating telemetry across endpoints to detect indicators of compromise (IOCs), APT techniques, malware signatures, vulnerabilities, and abnormal behaviors. This advanced monitoring automates early detection of attack scenarios, providing security and IT staff with a single dashboard view wherever the attack started.
The new XEDR capabilities also enhance Bitdefender managed detection and response (MDR) by providing greater visibility and incident context during investigations to accelerate threat validation, response actions, and remediation.
“Organizations of all sizes across all industries are in the crosshairs of APTs and skilled cybercriminal groups,” said Steve Kelley, president and general manager of Bitdefender Business Solutions Group. “Each application, email, unpatched vulnerability, partner relationship or third-party service represents a potential entry point to a catastrophic security incident. As adversaries evolve techniques to bypass defenses and move through environments undetected, event correlation beyond the boundaries of a single endpoint is crucial for cyber resilience. Bitdefender XEDR provides cross-endpoint correlation to detect and eliminate threats faster at each stage of an attack from early reconnaissance to the final payload.”
In a recent report, Forrester Analyst Allie Mellen writes that “XDR providers will be limited or enabled by the EDR on which they are based. Choose your XDR based on an EDR with high efficacy detections, strong third-party partnerships or extended native capabilities, and automated response recommendations.”
XEDR builds upon the company’s industry-leading EDR solutions and advanced threat intelligence powered by the Bitdefender Global Protective Network (GPN), an extensive array of hundreds of millions of sensors continuously collecting endpoint threat data worldwide. In independent evaluations, Bitdefender consistently scores highest in detecting APT tactics and techniques. In the most recent MITRE ATT&CK test, Bitdefender achieved the highest number of detections of the 29 participating cybersecurity vendors.
XEDR with cross-endpoint event correlation is available now and comes standard with Bitdefender EDR.