November 11, 2020 | 3 minute read
Today’s targeted attacks increasingly take aim at multiple devices and users simultaneously while employing a range of tactics, techniques and procedures (TTPs). Defenders are forced to work in silos, employing disparate tools on each type of asset: one solution for endpoint, another for cloud, a third for mobile and a fourth to look at cloud identities.
To further complicate the work of the defender, traditional security solutions are alert-centric, generating an ever-growing volume of notifications that lack context and fail to correlate to one another even if part of the same attack.
While alerts may identify various aspects of an attack operation, they reveal only parts of the whole attack sequence, and mitigating part of an operation only slows the adversary’s progress; it does not actually end the attack.
This alert-centric, siloed approach to securing complicated network infrastructure across on-prem, hybrid, cloud and mobile assets gives attackers ample opportunity to hide in the seams, which makes hunting, tracking and eliminating attackers all but impossible.
That’s why we are excited to announce the availability of Cybereason® XDR for Extended Detection and Response. Cybereason XDR is a unified solution that is operation-centric, fusing endpoint telemetry with behavioral analytics to empower global enterprises to swiftly detect and end entire attack operations on the endpoint, in the cloud, on mobile devices and everywhere on their networks. The release of Cybereason XDR follows the recent announcement of the Cybereason Breach Protection Warranty, which provides up to $1 Million in coverage in the event of a breach with the Cybereason Ultimate package.
Cybereason XDR breaks down the threat intelligence silos, reverses the attacker advantage and returns the high ground to the defenders by extending detection and response capabilities across the broader IT ecosystem. Cybereason XDR delivers a unified platform solution that puts contextualized data fusion and the Malop™ (malicious operation) at the focal point of an operation-centric approach. Cybereason XDR also leverages direct integrations with partners such as Okta, G Suite, AWS, and more to automatically surface anomalous user behavior and insider threats, and to make it easy to understand the full attack story behind any incident. Bringing these capabilities to our customers is the realization of our core brand promise and mission as a company to end attacks on the endpoint, across the enterprise, to everywhere. This is how we deliver future-ready security.
"XDR is one of 2020’s most important security trends, providing much needed support to security operations teams in detecting and responding to advanced threats. Bringing together security telemetry from multiple security controls enables analysts to detect and investigate threats that would have otherwise been missed, while enabling more rapid remediation," said Dave Gruber, Senior Analyst, ESG.
"Cybereason has built a powerful, extensible analytics platform capable of detecting modern cyberthreats, as demonstrated through their strong prevention, detection, and response offerings. Expanding the platform to ingest security data from a broad set of security controls further demonstrates the power of the platform, as it grows to support the continuously changing threat landscape."
With Cybereason XDR, defenders can pinpoint, understand and end any Malop (malicious operation) across the entire IT stack, whether on-prem, mobile or in the cloud. Cybereason XDR:
Improves visibility across the enterprise: Cybereason XDR unifies cloud, endpoint, network and log data to expose malicious operations or Malops. This means the defenders never lose sight of the attacker. Once detected, every single activity can be tracked, analyzed and remediated.
Allows defenders to intercept any Malop™ instead of chasing alerts: Cybereason XDR does more than alert on singular attack actions; it correlates all attack activity and presents the intelligence as an intuitive Malop visualization that significantly decreases investigation and remediation periods.
Delivers enhanced correlations across both Indicators of Compromise (IOCs) and Indicators of Behavior (IOBs): Cybereason XDR recognizes the most subtle signs of compromise derived from across the whole of an organization’s network.
Ends targeted attacks with intelligent response options: Cybereason XDR significantly reduces mean time to respond (MTTR) with automated and guided one-click mitigation from a single console across all networks without the need to craft complex queries, allowing Level 1-2 analysts to perform with Level 3 proficiency.
“We started off as an EDR customer -- as we have grown, our attack surface has expanded beyond the endpoint,” said Andreas Schneider, CISO at TX Group. “Cybereason XDR is perfect for protecting our work-anywhere endpoints, our digital cloud-based products, our legacy systems as well as our industrial infrastructure. This approach has eliminated the noise so we can focus on what matters and use our skilled staff on strategic initiatives instead of chasing alerts.”
Cybereason was built entirely to identify attackers’ Malops, or malicious operations, through context-rich correlations, no matter where the attack is taking place. Cybereason XDR is a natural extension of those capabilities, delivering superior prevention, detection and response beyond the endpoint to the enterprise and everywhere.
The Cybereason Security Team champions cyber defenders by providing future-ready attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a Malop (malicious operation). The result: defenders can end cyber attacks from endpoints to everywhere.