Endpoint Detection and Response (EDR) Integration
The Respond Analyst, an XDR Engine, automates the investigation, scoping and prioritization of EDR alerts into real, actionable incidents. With the addition of EDR data, Respond Software also broadens the integrated reasoning capabilities of the Respond Analyst to include endpoint system details.
Security Orchestration Automation and Remediation (SOAR) Integration
The Respond Analyst, an XDR Engine, enables organizations to unlock the true automation capabilities of their SOAR deployments by managing the up-front analysis of events before they are passed to the SOAR system. The Respond Analyst scales to handle millions of events, escalating only real incidents into SOAR for remediation.
Inferred Context in Security Analysis
Can the Respond Analyst, an XDR Engine, really mimic a security analyst’s judgement? What is Inferred Context in Security Analysis? The Respond Analyst improves security escalation decisions by leveraging existing sensors along with the context of local environments, such as Dynamic Host Configuration Protocol (DHCP) information and critical asset lists.
More data = Better Decisions
The Respond Analyst, an XDR Engine, includes Integrated Reasoning, the capability to look at multiple data sources including Network Intrusion Detection Systems (NIDS), Endpoint Protection Platforms (EPP) and web filters to identify real, actionable malicious behavior in your environment. Identifying these threats faster means reduced detection and attacker dwell times, while eliminating the need to chase false positives.
Dynamic Scoping and Reprioritization
The Respond Analyst, an XDR Engine, is constantly re-evaluating the probability and likelihood of a security threat as more information is collected by security sensors. Because the Respond Analyst uses decision automation, it can recall events that occurred in the past and correlate any new information that is collected to enrich incidents for escalation and remediation.