Cybereason Recognized in Debut XDR New Wave™ Report
October 13, 2021
As we enter Q4 of a hyper-growth year for XDR, Cybereason is in full gear: We’re just getting started! We remain undefeated in protecting our customers from headline-stealing attacks like SolarWinds, the Microsoft Exchange Server attacks, and dangerous ransomware attacks from DarkSide, REvil and other adversaries.
Cybereason XDR was one of only 14 solutions included in this first-ever XDR report from Forrester, which we believe is a testament to our ability to prevent high-impact attacks, accelerate incident response, and simplify investigations and threat hunting, from the endpoint to across the enterprise.
In addition to top-tier product talent and 70+ IT & security integrations, our empow acquisition brings Prediction algorithms capable of anticipating an attacker’s likely next steps through machine learning models applied to XDR data. This intelligent decision engine highlights areas of risk and suggests proactive prevention and response actions to take:
Cybereason Defense Platform MalOp Display
Cybereason XDR provides a novel way to manage security operations by visualizing key stages of a MalOp™ (malicious operation). This includes root cause, any affected users & assets, a full timeline of the incident, suggested response actions, and attack predictions. Cybereason XDR leverages the power of the Cybereason Defense Platform in combination with our SOCs who conduct proactive monitoring and threat hunting around the clock and across the globe.
Inclusion in this debut XDR report from Forrester follows:
Our employees, IT infrastructure, and data are more dispersed than ever before. As security leaders, it’s now essential we extend protection beyond our corporate assets and networks to identities and applications, wherever our employees and critical data reside.
The traditional defense stack includes tens of tools and technologies, each monitoring and protecting an important facet of the environment: Endpoint Detection and Response, Firewall, Email Protection, Identity Protection:
Malicious Operations Attack Kill Chain
Then, key events and data get centralized into a SIEM for investigation, and then go off to a SOAR tool for orchestration and response. The challenge is that this type of stack is expensive to build and maintain, requires skilled operators to run (and the work isn’t fun), and ultimately is still a step behind the attacker in terms of response times and ending a malicious operation.
Eric Sun is a Product Director at Cybereason, focused on helping security teams measure and improve their resilience against modern threats. Eric works closely with the Nocturnus research team and global SOCs to understand emerging attack campaigns and evolving best practices. He brings a layer of behavior analytics and risk management from his many years in Asia as a professional poker player.