Digital Guardian: Managed Security Meets Endpoint Detection and Response (EDR)
Digital Guardian, which provides a purpose-built, cloud-based data protection platform, now has a managed security program for its endpoint detection and response (EDR) technology. The new offering surfaced at the Black Hat USA 2018 conference in Las Vegas.
MSP for EDR offering is an add-on to Digital Guardian’s existing MSP for data loss prevention (DLP). The vendor said its MSP program is the fastest growing area of its business, with more than one million agents under management across more than 165 customers in mid-market and large enterprises engaged in financial services, manufacturing, healthcare, technology and professional services.
According to Digital Guardian, MSP for EDR safeguards customers from a wide range of advanced threats, such as fileless malware, polymorphic malware, zero-day attacks, advanced persistent threats, ransomware, insider threats and advanced data exfiltration methods. Customers equipped with both the DLP and EDR applications are best protected against inside and externally-launched breaches.
“By combining our cutting-edge technology, including advanced analytics, a robust threat intelligence management system, and a leading global team of security experts we can rapidly detect, respond and remediate advanced threats to provide the highest level of protection for our customers,” said Tim Bandos, Digital Guardian’s VP of global cybersecurity.
User and Entity Behavior Analytics
Meanwhile, the company also released new User and Entity Behavior Analytics (UEBA) capabilities for its data protection platform, designed to supplement data classification and rule-based policies. The data protection platform now includes advanced analytics and anomaly-based detection for deeper insight into suspicious activities surrounding sensitive data.
“CISOs are in the business of managing risk and our UEBA technology enables them to make more effective business decisions,” said Ken Levine, Digital Guardian’s president and CEO. “We are enabling security teams to not only reduce incident remediation times with high fidelity alarms, but also prioritizing the most important and severe alarms targeting organizations’ sensitive data,” he said.
Key benefits of UEBA with data protection include:
- Monitors a comprehensive set of behavioral events about your systems, users and data, and pinpoints anomalies.
- Identifies and stops insider threats by employees, contractors and privileged users before sensitive data leaves the organization. Real-time user and entity analytics understands those behaviors or actions that pose risk.
- User and entity behaviors are aggregated to create risk scores to help analysts identify actions that are indicative of real threats. Once confirmed, analysts can blacklist processes across the enterprise
- Workspaces to guide security professionals to the events that matter when identifying anomalous and suspicious insider activity.
Track all Black Hat news developments here. MSSP Alert is blogging live from the conference throughout the week.