One of the greatest truths in cybersecurity is that defenders need to be right all the time, while cybercriminals only need to be right once. Attacks are increasingly sophisticated and ramified, simultaneously targeting a range of potential entry points with multiple tactics, techniques and procedures. One the other hand, security professionals are faced with a widening attack surface to monitor, each asset with its own specific tool, generating its own stream of alerts and notifications.
This siloed model is bound to become unsustainable as the complexity of the environments to protect increases and as threat actors expand their arsenal of weapons. Where attacks come from multiple fronts, a unified approach works better to provide the necessary context to identified individual attempts as part of a broader effort to compromise systems. Alerting remains useful to highlight and prompt the mitigation of single instances, but doesn’t give security teams the chance to shut down larger operations and actually end an ongoing attack.
In response to this growing need for a more unified approach to security, Cybereason has announced the availability of Cybereason® XDR for Extended Detection and Response. The solution is operation-centric, fusing endpoint telemetry with behavioural analytics to empower global enterprises to swiftly detect and end entire attack operations on the endpoint, in the cloud, on mobile devices and everywhere on their networks. The release of Cybereason XDR follows the recent announcement of the Cybereason Breach Protection Warranty, which provides up to $1 Million in coverage in the event of a breach with the Cybereason Ultimate package. The generous compensation of this breach protection warranty accounts for Cybereason’s confidence in their product, but also to their desire to give their customers the peace of mind of being covered even in the worst case scenario.
Cybereason XDR reverses this attacker advantage and returns the high ground to the defenders by extending detection and response capabilities across the broader IT ecosystem that makes up modern enterprise environments. With Cybereason XDR, defenders can pinpoint, understand and end any Malop™ (malicious operation) across the entire IT stack whether on premises, mobile or in the cloud.
“XDR is one of 2020’s most important security trends, providing much needed support to security operations teams in detecting and responding to advanced threats. Bringing together security telemetry from multiple security controls enables analysts to detect and investigate threats that would have otherwise been missed, while enabling more rapid remediation,” said Dave Gruber, Senior Analyst, ESG. “Cybereason has built a powerful, extensible analytics platform capable of detecting modern cyberthreats, as demonstrated through their strong prevention, detection, and response offerings. Expanding the platform to ingest security data from a broad set of security controls further demonstrates the power of the platform, as it grows to support the continuously changing threat landscape.”
Andreas Schneider, CISO at TX Group, added: “Cybereason is a trusted security partner who shares our same values and vision to automate security, and they have kept evolving along with our business as we became a cloud-first, agile company. We started off as an EDR customer — as we have grown, our attack surface has expanded beyond the endpoint. Cybereason XDR is perfect for protecting our work-anywhere endpoints, our digital cloud-based products, our legacy systems as well as our industrial infrastructure. This approach has eliminated the noise so we can focus on what matters and use our skilled staff on strategic initiatives instead of chasing alert”.
Cybereason XDR, key features:
- Improves visibility across the enterprise: Cybereason XDR unifies cloud, endpoint, network and log data to expose malicious operations or Malops. Cybereason XDR automatically surfaces anomalous network behaviour and makes it easy to understand the full attack story behind any incident. This means the defenders never lose sight of the attacker. Once detected, every single activity can be tracked, analysed and remediated.
- Allows defenders to intercept any Malop™ instead of chasing alerts: Cybereason XDR does more than alert on singular attack actions – it correlates all attack activity and presents the intelligence as an intuitive Malop visualisation that significantly decreases investigation and remediation periods.
- Delivers enhanced correlations across both Indicators of Compromise (IOCs) and Indicators of Behavior (IOBs): Cybereason XDR recognizss the most subtle signs of compromise derived from across the whole of an organisation’s network.
- Ends targeted attacks with intelligent response options: Cybereason XDR significantly reduces mean time to respond (MTTR) with automated and guided one-click mitigation from a single console across all networks without the need to craft complex queries, allowing Level 1-2 analysts to perform with Level 3 proficiency.