EDR Security: Respond Software Announces Automated Detection and Investigation of EDR Data
Organizations need to respond faster to attacks. Endpoint Detection and Response (EDR) technology promised many organizations a way to detect attacks on endpoints and to provide the data history needed for forensics.
The problem is that EDR tools create a large number of false positives and most organizations don’t have the headcount to churn through all of this endpoint data or the personnel with the appropriate knowledge of endpoints to do so.
The Respond Analyst is the first virtual analyst that provides a highly cost-effective, machine-consistent and thorough way of analyzing security-related alerts and data, freeing people and budget from initial monitoring and investigative tasks.
Respond Software is now applying this unique approach to EDR data from Carbon Black, CrowdStrike and SentinelOne, to provide customers with expert analysis right out of the box. This approach creates immediate business value for security operations across industries.
The Respond Analyst automates the investigation, scoping and prioritization of EDR alerts into real, actionable incidents. With the addition of EDR data, Respond Software also broadens the integrated reasoning capabilities of the Respond Analyst to include endpoint system details, identifying incidents related to suspect activity from binaries, client apps, PowerShell and other suspicious entities.
Combining EDR analysis with insights from network intrusion detection, web filtering and other network telemetries, the Respond Analyst extends its already comprehensive coverage. The Respond Analyst allows security operations centers to dramatically increase visibility, efficiency and effectiveness, reducing false positives and increasing the probability of identifying true malicious and actionable activity early in the attack cycle.
And it does this at a fraction of the cost (in many cases you get the productivity of a team of security analysts at the cost of one).
To learn more, check out our press release or watch this delightful webinar, Automating SecOps – Monitoring & Triage for EDR Events, on Tuesday, April 21 at 8:15 am PT.