Effective Endpoint Security With Automatic Detection and Response Solutions

The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown significantly. These Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past Endpoint Protection (EPP) products. EDR tools also perform evaluation of threat intelligence, event correlation, and often allow interactive querying, live memory analysis, and activity recording and playback.

However, the integration of EDR solutions into your security architecture sometimes requires additional software agents, administrative consoles, threat hunting skills, and knowledgeable personnel to manage it all. The solutions can produce vast amounts of complex data that IT teams may have a hard time analyzing, especially when they are under-staffed or don’t have specific threat hunting skills. This may lead to the solution being ineffective at reducing risk to acceptable levels.

Join this webinar to learn about

• Trends in adversary techniques and why first-generation mitigation and containment methods fail
• MITRE ATT&CK – what it means and how it drives more effective investigations, threat hunts and responses
• Why more sophisticated ML-based detection methods are imperative
• How EDR products are evolving to handle ever-changing threats
• How automation can be applied to reduce Mean Time to Containment and Mean Time to Repair

KuppingerCole Lead Analyst John Tolbert will give his view on the findings of the Market Compass Endpoint Protection, Detection, and Response and explain what they mean to customers striving for improved operations and better security.

He will be joined by Jan Tietze, Director Security Strategy EMEA at SentinelOne, who will explain how EPP, EDR, and Internet of Things can be integrated into a platform that addresses customer pain points such as security complexity, data overload, too many deployed agents, and the ability to respond to threats in a timely manner.