
Bitdefender releases new EDR security solution to achieve 'holy grail' of protection

13 Nov 17

Bitdefender has released a new cloud-based security offering to the market that brings together endpoint detection, prevention and response into a single console.

The company designed its GravityZone XDR to be a layered platform that is able to provide protection against both known and unknown cyber threats.

According to Harish Agastya, VP of Enterprise Solutions at Bitdefender, “EDR as a technology holds much promise for the security industry, but existing market offerings are too complex to be deployed by most organisations.”

XDR combines firewall and patch management capabilities, and it is able to block threats at pre-execution through machine learning.

The company included real-time process monitoring, anti-exploit protection, sandbox analysis and full disk encryption as part of its offering.

“These components work together to continuously evolve protection of the endpoint from increasingly sophisticated attackers while supporting an organization’s overall security posture,” the company states.

The company has also integrated big data as part of a threat analytics module. It uses an event recorder to stream insights about event chains that look suspicious.

Security administrators are also able to look up XDR investigations in VirusTotal and submit samples for behaviour analysis to Bitdefender’s Sandbox Analyser. They can then delete, kill or quarantine any indicators of compromise or apply policy changes.

“With only the most relevant events being offered for incident response, threat hunting cost and effort are lowered. Having this EDR capability as part of a truly integrated security platform enables the holy grail of endpoint protection - prevent, detect, investigate, respond, and evolve,” Agastya continues.

Separately, the company announced a collaboration with Microsoft to provide enterprise security for Mac and Linux devices.

Enterprise customers will be able to access Bitdefender’s solutions across Microsoft’s Windows Defender ATP management console.

Microsoft selected Bitdefender for its reputation for having the ‘highest malware detection efficacy and fewest false positives for Mac and Linux endpoints,’ the company says in a statement.

“We are delighted to have this opportunity to work with Microsoft and be one of their ‘go-to’ partners for Windows Defender ATP customers needing to protect Mac and Linux devices,” comments Vince Schiavo, Bitdefender’s SVP of Worldwide Enterprise Sales and Marketing.

Moti Gindi, Microsoft’s general manager of Windows Cyber Defense, says customers can extend Microsoft protection to non-Windows endpoints.

“This provides Sec-ops holistic protection and visibility across their Windows and non-Windows endpoints and ensures they can quickly and accurately detect, investigate and respond to attacks across their entire install base.”
