Intelligent CISO Issue 41 | Page 76

A sound security architecture must cover all phases of the cybersecurity framework: identify; protect; detect; respond; and recover.

Although there are quite a few reasons for having access to detailed reporting and analytics, I will focus on three key use cases: incident investigation; forensics; and compliance.
Effective incident investigation relies on two principles: knowing (in good time) that something is happening; and understanding quickly what is happening. Forensics is similar, with the difference that time is not as critical as in the case of incident investigation. Here, the most important thing is to have access to untampered and accurate information. Compliance also relies on being able to provide authorities with detailed, reliable information on security incidents. Detailed reporting and security analytics are key in all three use cases.
With its detailed information on security incidents and rich context, EDR is an exceptional instrument to serve these use cases. It collects detailed event data from all endpoints in the network and stores it for extended periods of time.
How can organisations make EDR a key component of their overall cybersecurity strategy?
A sound security architecture must cover all phases of the cybersecurity framework: identify; protect; detect; respond; and recover. EDR (and XDR as an evolution of EDR) is instrumental for detecting and responding to advanced cyberthreats.
Depending on the availability of skilled security personnel in-house, an organisation can integrate EDR in its security architecture in two ways: as a product (EDR solution), or as a service (Managed Detection and Response).
By choosing the MDR service, an organisation moves from acquiring security technology (that is an excellent option for customers having an in-house security team) to directly acquiring security outcomes, allowing the IT organisation to focus on other key initiatives.
Making detection and response part of the security architecture is a must in 2021 and enterprises can choose between EDR as a product or MDR, depending on what suits them better.
How does Bitdefender set itself apart from others in the EDR market?
One of our core aims at Bitdefender is to bring more benefits to customers while reducing adoption challenges.
Bitdefender has at least three differentiation points:
• Market-leading threat detection proven by independent tests like MITRE evaluations
• Integrated extended detection and response capabilities that allow customers to enjoy enhanced detection of advanced threats that are affecting a larger portion of the organisation and unified visibility on security incidents. This enhancement of EDR was named eXtended Endpoint Detection and Response
• Integration with the other security capabilities offered by Bitdefender (risk analytics, hardening, prevention) into one single unified endpoint security solution that promotes both ease of use and operational efficiency