Endpoint/Device Security, Channel partners, Content

Symantec Intros Managed EDR Service, Updates Endpoint Security

Symantec has added endpoint security capabilities to its Integrated Cyber Defense threat protection, information security and compliance platform, according to a prepared statement. The company also has unveiled a Managed Endpoint Detection and Response (MEDR) service and EDR 4.0 product.

The continued integrations reinforce Symantec's continued focus on R&D, even as the company navigates recent executive changes and occasional takeover rumors involving private equity firm Thoma Bravo.

Symantec Cyber Defense: Details

On the product front, Integrated Cyber Defense includes the following endpoint security offerings:

  • Symantec Endpoint Application Control: Automatically generates application-specific rules and offers application discovery, risk assessment and continuous tracking of application drift.
  • Symantec Endpoint Application Isolation: Provides application visibility and intelligence and isolates suspicious applications to prevent cyberattackers from exploiting potential vulnerabilities.
  • Symantec Endpoint Cloud Connect Defense: Offers a policy-based virtual private network (VPN) to protect against dangerous WiFi and carrier networks.
  • Symantec Endpoint Threat Defense for Active Directory: Uses artificial intelligence and various security technologies to prevent credential theft and lateral movement.

Symantec Managed Endpoint Detection and Response (MEDR) Explained

MEDR identifies cyberattacks and suspicious activity to help organizations speed up incident response and remediation, Symantec said. The service's features include:

  • Cyber threat reports.
  • Endpoint containment.
  • Managed threat hunting.
  • Remote investigations.

We're curious to see if MEDR competes head-on against traditional MSSPs and MDR (managed detection and response) companies. Symantec, after all, has a managed security business aside from its core software business.

Symantec Endpoint Detection and Response (ERD) 4.0

EDR 4.0 uses research from Symantec's security researchers and global telemetry from 175 million endpoints to identify new cyberattack patterns, Symantec indicated. The product's features include:

  • Automated playbooks.
  • Deployment options for Symantec Endpoint Protection (SEP) and non-SEP endpoints for macOS, Linux and Windows.
  • Pre- and post-breach EDR tools.

Integrated Cyber Defense's endpoint security capabilities are available for purchase as add-ons to SEP or part of Symantec Endpoint Security Suites. In addition, MEDR and EDR 4.0 are now available.

Symantec Executive Leadership Shake-Up: Here's What You Need to Know

The Symantec endpoint security announcements come after the company in November 2018 announced the following executive leadership moves:

  • Addition of Art Gilliland as EVP and GM of enterprise products.
  • Expansion of CEO Greg Clark's title, which now includes president.
  • Resignation of Michael Fey as president and COO.

Reports previously surfaced in November 2018 that private equity firm Thoma Bravo may acquire Symantec. Furthermore, Symantec in November acquired Javelin Networks and Appthority and incorporated the companies into its endpoint security business.

Symantec is set to announce Q3 fiscal year 2019 earnings this Thursday, January 31. For the company's Q2 fiscal 2019, Symantec's revenues were $1.175 billion, down slight from $1.240 billion in the corresponding quarter for fiscal 2018.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.