Bitdefender recently announced GravityZone XDR, a cloud-based security solution that offers integrated endpoint detection, prevention and response capabilities from a single agent managed by a single console. Specifically designed to offer protection against cyber threats that evade traditional defense mechanisms, it empowers resource-strapped businesses that have lean IT teams and/or operate without a Security Operation Center (SOC).
GravityZone XDR is a layered next-generation endpoint security platform that provides protection against cyber threats. Like other versions of GravityZone, XDR reduces the attack surface on multiple fronts:
- Through firewall and patch management capabilities
- Blocking advanced threats at pre-execution through tunable machine learning models
- Detecting malicious behavior through real-time process monitoring
- Anti-exploit protection and sandbox analysis
- Protecting data at rest via full disk encryption
GravityZone XDR boasts a new cloud-based Threat Analytics module that performs Big Data event correlation, identifying incidents of significance for the security administrator to investigate. Employing an event recorder, it continuously streams insights on chains of events that look suspicious, based on telemetry, processes, network policies and registry entity actions.
Once the level of threat is identified, security administrators can perform one-click investigations in XDR to query VirusTotal or submit samples for behavior analysis to Bitdefender’s Sandbox Analyzer. With surgical precision, admins can take immediate action to resolve any indicators of compromise (delete, kill or quarantine), and even apply policy changes from the same interface to evolve the future security posture of vulnerable endpoints.
According to Harish Agastya, VP of Enterprise Solutions at Bitdefender, “EDR as a technology holds much promise for the security industry, but existing market offerings are too complex to be deployed by most organizations. That is why we have specifically designed GravityZone XDR to be EDR made easy.”
He went on to say, “It provides security administrators with intuitive workflows and a contextual map to understand threat impact. With only the most relevant events being offered for incident response, threat hunting cost and effort are lowered. Having this EDR capability as part of a truly integrated security platform enables the holy grail of endpoint protection – prevent, detect, investigate, respond, and evolve.”
GravityZone XDR is available on both endpoints and servers as part of the GravityZone Ultra integrated suite.