Bitdefender, a global cybersecurity leader, today unveiled GravityZone XDR, a native XDR solution designed to provide rich security context, correlation of disparate alerts, out-of-the-box analytics, rapid triage of incidents and attack containment through automated and guided response actions across a business’s entire environment. The solution delivers rapid value by helping maximize security team effectiveness, improving threat hunt efficiency, minimizing attacker dwell time, and enabling greater cyber resilience from day one.
“GravityZone XDR excels at connecting and correlating incidents over time throughout our entire operations and we experienced immediate value,” said Mahmood Haq, chief information security officer at MyVest. “The benefit of having a single-vendor solution with out-of-the-box detection capabilities for identifying and investigating known and unknown threats and providing our analysts with the knowledge of what and how an incident happened with the best ways to respond cannot be overstated.”
Bitdefender GravityZone XDR expands threat visibility across infrastructure, workloads and applications by correlating data and threat detections from endpoints, productivity applications, clouds, identity sources, and network data into a single actionable view. Real-time threat intelligence from Bitdefender Labs and the Bitdefender global network of millions of endpoints, coupled with behavioral analytics and machine learning, correlates disparate incidents and drives informed decision-making on alert prioritization, root cause analysis, threat containment and remediation. Through automated and guided response, security teams can quickly take remediation actions with a single click.
“In the journey to XDR, businesses want to build upon their existing cybersecurity investments,” said Michael Suby, vice president of research at IDC. “They also want XDR to produce tangible results, such as reducing attacker dwell time and improving SOC efficiency. By adding features like pre-built detections into sensors (minimizing custom detection writing), root cause analysis and alert prioritization, Bitdefender is hitting both objectives.”
In a recent report¹, Forrester Research details the value of a native XDR architecture: “XDR solutions built from EDR solutions with high efficacy detections, automated root cause analysis, prescriptive response recommendations, and strong native capabilities or third-party partnerships will excel.” The report goes on to say, “Native XDR is XDR offered with tight alignment to other tools that already exist in a vendor’s own portfolio. Smaller or less mature teams benefit from a faster time-to-value through quicker and simpler deployment of multiple native tools.”
Bitdefender GravityZone XDR deploys as a SaaS solution or via the Bitdefender Managed Detection and Response (MDR) service. In addition, it is used in the Bitdefender security operations center (SOC), providing security analysts and threat hunters even greater visibility and context to accelerate investigations and expand response actions on behalf of MDR customers.
GravityZone XDR key benefits include:
- Rapid Cross-Correlation Threat Detection — Bitdefender proprietary correlation and detection algorithms for XDR are based on leading-edge mathematics and threat behavior models. These algorithms are used by the sensor agent locally and at the cloud platform level to detect advanced threats, initial attack stages, and anomalous application and identity behaviors. Security teams gain tremendous capabilities and fast time-to-value, with options to create and deploy their own detection rules.
- Automated Threat Identification and Prioritization — GravityZone XDR includes a built-in Incident Advisor for root cause analysis and threat context combined with automated and guided incident investigation support. Security teams of any size and skillset are able to view threat detections, understand impact to operations and take recommended actions to contain or eliminate threats from a single view, greatly increasing efficiency.
- Recommended Threat Response Actions — GravityZone XDR provides built-in capabilities and recommendations for single-click threat response across endpoints, identities, email, cloud, and applications. This reduces the need for additional resources and enables security teams to view threats anywhere in the organization from an integrated console to respond faster, unlike Open XDR solutions, which rely on third-party tools and maintenance of integrations for telemetry and response actions.
“Today’s cybersecurity attacks are often complex, multifaceted, and launched in multiple stages, making it difficult for security teams to identify and stop them, especially for organizations operating with limited infosec resources,” said Andrei Florescu, senior vice president, products and engineering at Bitdefender. “We built GravityZone XDR from the ground up to help security teams gain a holistic view of their infrastructure, investigate and verify incidents faster, and eliminate threats as they arise. We placed significant emphasis on security analytics to continuously baseline and adjust detections at runtime to reduce alert fatigue.”