Mumbai: Although Trend Micro recently announced its new detection and response solution, XDR, it has been working on this aspect of enterprise security for some years now.
Trend Micro is among the very few cybersecurity providers that have taken a big bet on artificial intelligence (AI), analytics and sensor-based technology to build integrated, enterprise-wide security solutions for businesses and organizations.
Claimed to be the first XDR solution, it offers security teams in enterprises and organizations detection and response capabilities that are integrated across email, network, endpoint, server and cloud workloads.
According to Trend Micro, the ‘X’ in XDR refers to the most extensive data sets or information in the organization, which are highly protected across points such as email, network, endpoint, server and cloud workloads.
The main aim of the XDR solution is to synchronize security across the enterprise and enable IT security teams to build a standardized security layer.
This would give these teams better and wider visibility of security in the organization and thus help them detect and respond to threat alerts more quickly and accurately than in the past.
Stitching together an enterprise-wide security layer is very complex but remains quite essential for enterprises.
Today, around 55 percent of organizations use and deal with more than 25 different security technologies and yet suffer from cyberattacks and threats due to the lack of an integrated security mechanism, according to ESG research.
Managing the myriad security technologies within the organization is a big, complex challenge for security teams.
In fact, an SC Media survey published in 2018 found that IT security teams get more than 10,000 security alerts daily, which makes it hard for them to act accurately and take precise actions.
From detecting and interpreting threat alerts to responding and taking timely action, security teams are under tremendous pressure to act, whether through preemptive or reactive measures, to ensure that business continuity remains intact or is least affected, with limited damage.
And if there is already a breach, the security teams are tasked with containing the attack and minimizing its impact and the damage caused. That could be a phishing email, an injection of malicious code to exploit vulnerabilities in a business application, or even a ransomware attack.
This is where the ‘time’ factor becomes very critical for security teams dealing with numerous unknown security threats or large-scale cyberattacks.
The longer the time to detect and respond, the higher the damage and losses to the business. This also means failure for the security teams and raises questions about their capability to deal with attacks.
As per the Verizon 2018 Data Breach Investigations Report, “the mean time to identify a breach increased to 197 days and containing a breach increased to 69 days,” leaving criminals nearly 9 months hiding in an organization and causing damage.
According to experts, Trend Micro’s new XDR solution is, in a way, trying to address that complex security scenario using the capabilities of AI, analytics and sensor-based technology across the endpoints in the organization.
The XDR solution leverages those capabilities by linking different functions – detection, telemetry, process data, and network metadata across email, network, endpoint and cloud workloads. This minimizes manual work and quickly correlates events that humans are unable to process given the onslaught of daily alerts across individual product silos.
The single console and prioritized sourced solution applies the most effective expert analytics to the deep data sets collected from Trend Micro solutions across the enterprise, making faster connections to identify and stop attacks.
In 2019, Trend Micro identified a high number of attacks that utilized lateral movement, with most bypassing the endpoint altogether, which illustrates the need for centralized visibility.
“The threat landscape is unrelenting and the skills gap is nearly unsolvable, so we have done more to help. Business security cannot rely on endpoints alone,” said Steve Quane, EVP – Network Defense and Hybrid Cloud Security, Trend Micro.
“Unlike legacy EDR offerings that ignore certain key threat vectors like email, we scale across more sources for the most complete detections generated as early as possible,” added Quane.
Moreover, Trend Micro’s global threat intelligence adds further relevance and context around event data, and is enhanced by specific detection rules from the company’s security experts that target the highest priority threats.
It is designed to give enterprises broader visibility of a risk posture while connecting minor events from different security silos to detect more complex attacks that otherwise remain unnoticed.
XDR is available as a managed service to augment an in-house team with Trend Micro threat experts. Trend Micro’s Managed XDR provides 24×7 full threat analysis, threat hunting, response plans and remediation recommendations.
“Risk is not a static concern. Trend Micro’s XDR will solve so much of our pain. By taking over the burden of dealing with thousands of alerts a day, we can redeploy those resources to handle more strategic projects,” said Edwin Martinez, Director – Information Security and CISO, ClubCorp USA, Inc.
(Image source – Trend Micro)