The Respond Analyst XDR Engine | Sophisticated Math, Simple Packaging
The Respond Analyst, frees up people and budget enabling investigation power at machine speed.
The Respond Analyst Packaging
The Respond Analyst augments your frontline team, finding and escalating only important security incidents across your alerts and data. Respond Software offers flexible packaging options to fit your specific security requirements.
Please call us at 1 (650) 282-2270 or contact us through our website for pricing details.
Standard
Signature-based sensor XDR
- Network Intrusion and Detection Protection Systems
- Endpoint Protection Platforms
- Up to 10K endpoints
- 2 users
Organizational context:
DHCP, Safe Lists, Incident History, Vulnerability scans, Manual Asset & Account Criticality Lists
Intelligence sources:
OTX Threat Intel, Public VPN Information Service, Geolocation Service, Geo Suspicious, TOR Anonymization Information Service
Premium
Advanced sensor XDR
- Includes Standard package sensor evidence
- Endpoint Detection and Response
- Web filter/proxy
- Industrial Control Systems (ICS) Intrusion and Detection Systems
- Up to 25K endpoints
- 4 users
Organizational context:
Standard, plus Automated Asset & Account Criticality Identification, Active Directory, Geo Location Importance, TTP Importance
Intelligence sources:
Standard, plus VirusTotal Threat Intel, Whois service, custom TIP support (STIX/TAXII)
Enterprise
Enterprise XDR
- Includes Premium package sensor evidence
- Unlimited endpoints
- Unlimited users
Organizational context:
Same as Premium
Intelligence sources:
Same as Premium
Use Cases:
All Premium Package use cases.
Cybersecurity Scenarios
Cybersecurity scenarios incorporate the MITRE ATT&CK® Framework and broader situations that require incident response.
Standard
- Initial Access Exploitation
- Malware Communications
- Malware Outbreak
- Exploitation Platform/Tools
- Lateral Movement Exploitation
- Network Reconnaissance Discovery
Premium
All Standard Package Scenarios included, plus:
- Endpoint Malware
- Credential Compromise
*Premium Scenarios include additional data from EDR and web filtering sensors for triaging, scoping and escalating incidents.
Investigative Actions
All packages include Investigative Action capabilities relating to the defense of the environment. Premium and Enterprise Packages are enhanced by additional sensor data from Endpoint Detection and Response and web filtering event collection.
| Investigative Action | Standard | Premium | Enterprise |
|---|---|---|---|
| External System Reputation Analysis |  |
|
|
| Internal System Vulnerability Classification | |
|
|
| Asset Criticality and Classification Identification | |
|
|
| Internal System Previous and Current Incident Analysis | |
|
|
| Network Intrusion Signature Classification | |
|
|
| Network Intrusion Signature Importance Analysis | |
|
|
| Network Traffic Direction Analysis | |
|
|
| Network Traffic System Behavior Analysis | |
|
|
| Network Traffic System Behavior Analysis | |
|
|
| Network Malware Beaconing Analysis (IP Address) | |
|
|
| Network Malware Outbreak Analysis | |
|
|
| Network Lateral Movement Analysis | |
|
|
| Account Criticality and Classification Identification | |
|
|
| Endpoint Malware Classification | |
|
|
| Endpoint Malware Importance Analysis | |
|
|
| Endpoint Malware Outbreak Analysis | |
|
|
| Endpoint Repeat System Offender Classification | |
|
|
| Endpoint Repeat User Offender Classification | |
|
|
| Endpoint Agent Action Analysis | |
|
|
| Endpoint Hash Reputation Analysis | |
|
|
| Endpoint Scan Type Classification | |
|
|
| Endpoint Detection Type Classification | |
|
|
| Endpoint File Characteristic Analysis | |
|
|
| Exploitation Tool Detection | |
|
|
| Premium* External System Reputation Analysis | |
|
|
| Premium* Internal System Vulnerability Classification | |
|
|
| Premium* Internal System Type Classification | |
|
|
| Premium* Internal System Criticality Classification | |
|
|
| Premium* Internal System Previous and Current Incident Analysis | |
|
|
| Premium* Account Type Classification | |
|
|
| Premium* Account Criticality Classification | |
|
|
| Premium* Endpoint Agent Action Analysis | |
|
|
| Premium* Endpoint Hash Reputation Analysis | |
|
|
| Endpoint Signature Classification | |
|
|
| Endpoint Signature Importance Analysis | |
|
|
| Endpoint Command Line Evasion Analysis | |
|
|
| Endpoint File Signature Verification Analysis | |
|
|
| External Domain Registration Information Analysis | |
|
|
| External Domain Reputation Analysis | |
|
|
| External Domain Associated File and URL Analysis | |
|
|
| Web Traffic Malware Beaconing Analysis (Domain) | |
|
|
| Premium* Exploitation Tool Detection | |
|
|
| Premium* Investigative Actions include additional data from EDR and web filtering sensors for triaging, scoping and escalating incidents. |
What Analysts Are Saying
“It’s critical to identify, investigate, and escalate the critical security alerts across your existing security stack. The Respond Analyst can assist beleaguered security teams to do so.”
DOWNLOAD
The Respond Analyst, an XDR Engine Data Sheet
The Respond Analyst, an XDR Engine, is the first decision automation system for cybersecurity. With the speed, scale and consistency, the Respond Analyst is ready to go to work, out-of-the-box.
See the Respond Analyst in Action
Join our growing community! Subscribe to our newsletter, the "First Responder Notebook," delivered straight to your inbox.