
Submitted by Steve Duncan
There’s a great deal of interest in the market for Endpoint Detection and Response (EDR). I had the chance to sit down with Jon Oltsik of the Enterprise Security Group (ESG) to talk about changes in endpoint protection as they pertain to EDR.
What’s driving the buzz about EDR? Firstly, enterprises are always looking for new techniques to protect themselves from increasingly sophisticated malware, and some standalone EDR vendors deliver their detection and response capabilities as part of EDR. Secondly, once an attack is discovered, customers want to know what the root cause was and how it spread. Only by having events on the endpoint recorded can you determine that, and EDR is sometimes a useful tool.
The downside of EDR is that it is operationally intensive. When you combine that with a global skills shortage in cybersecurity and the high level of skills needed to use the root cause tools, many customers can’t keep up with EDR. Trend is addressing that in a couple of ways. We recognize that the highest priority for customers is improved detection and response, so we’ve integrated these capabilities into our endpoint protection platform to leverage the automation that already exists. For instance, advanced detection capabilities such as behavioral analysis, pre-execution machine learning, run-time machine learning and vulnerability protection work in concert with other endpoint detection and remediation capabilities.
For enterprises that want to have root cause analysis capabilities on top of their advanced detection and response, Trend offers Endpoint Sensor, which allows them to query endpoints and build detailed analysis of how and where advanced attacks occurred. For those enterprises that may not have skilled threat researchers to develop this, Trend is expanding its Managed Detection and Response services, which are already available in some limited geographies.
Fundamentally, when you build detection and response into endpoint protection that already has advanced automation, you are providing enterprises with better layered protection. At Trend we called this XGen™: a cross-generational blend of threat techniques that uses the right technique at the right time for the best possible protection.
Watch our conversation here.