Symantec Corp., the world's leading cyber security company, today
announced a new Managed Endpoint Detection and Response (MEDR) service
and enhanced EDR 4.0 technology. These advancements improve attack
discovery and incident response using AI-driven analytics and automation
to quickly discover and stop sophisticated cyber attacks.
Enterprise IT and Security Ops teams are increasingly challenged to investigate
and respond to advanced and emerging threats with available resources
and staff. Symantec's MEDR service harnesses the power of EDR 4.0 to
improve incident response, threat hunting and forensics, fortifying
teams with investigation expertise and threat intelligence from a
world-class team of Symantec SOC analysts.
Symantec MEDR detects stealthy attacks and expertly examines suspicious activity
for faster incident validation and response. A powerful combination of
Symantec EDR 4.0, the SOC technology platform, and the Global
Intelligence Network allows Symantec analysts to provide 24x7
expertise. Managed threat hunting, remote investigations, and endpoint
containment enable security teams around the world to stay ahead of
threats. Features include:
- Industry- and region-specific analysts provide 24x7 coverage across six global SOCs.
- Managed threat hunting provides detection for zero-day and unknown threats.
- Industry best practices, including the MITRE ATT&CK framework, help to quickly identify critical indicators of attack.
- Rapid containment of compromised endpoints using pre-authorized measures.
- Custom and emerging threat reports, business reviews, and 24x7 coverage.
"Many customers simply can't find enough cyber security experts to meet
demand. Our MEDR service provides access to Symantec's elite SOC
analysts and advanced machine learning techniques to reduce the burden
on staff and shrink the time it takes to investigate incidents," said
Art Gilliland, EVP and GM Enterprise Products, Symantec. "For
organizations with robust security response teams, EDR 4.0 is now
available on any device, anywhere, before or after an attack occurs to
provide comprehensive detection and response."
Symantec's EDR 4.0 continuously updates AI-driven detection engines using threat
research from Symantec's elite team of researchers and global telemetry
from 175 million endpoints to train analytics to detect new attack patterns. EDR 4.0 is now available on any device, anywhere, before or after an attack. New features include:
- Advanced attack detections to help thwart "living off the land" fileless attacks.
- Automated playbooks to quickly initiate investigations.
- MITRE ATT&CK framework enrichment to expose gaps in the attack lifecycle.
- Advanced pre- and post-breach comprehensive EDR tools.
- Flexible deployment options for Symantec Endpoint Protection (SEP) and non-SEP endpoints for macOS, Linux, and Windows.
"Many organizations are struggling with threat detection and incident
response because of both the volume and sophistication of attacks, and
an expanding attack surface. They also face many challenges including
the volume of alerts and a continued reliance on manual processes,"
said ESG senior principal analyst Jon Oltsik. "With a critical shortage
of skilled investigators available, security teams need smart tools and
services that can help them deal with the scale and speed of the modern
threat environment, making it easier to identify and fix impacted
endpoints. To improve IR processes, cybersecurity professionals must
eschew legacy approaches and embrace the right tools and services."
Symantec MEDR and EDR 4.0 are available now.