Trend Micro’s XDR, the extended detection and response offering, officially lands in Asia Pacific, the Middle East and Africa. In a virtual launch ceremony, Eva Chen, CEO and Co-Founder of Trend Micro, hailed XDR’s ability to perform detection and response across any security patterns.
Highlighting the problems that organisations have been having, Eva said clients have always voiced three key frustrations when it comes to cybersecurity. They are:
Customers want to know where attacks come from and how they happen. It could be from an email or an employee, but it’s hard to pinpoint who exactly.
What have they done to my network? What is the damage? It’s hard to give them a direct answer immediately.
Why didn’t we inform them earlier, if we knew there was an attack happening, so that they could protect themselves better?
“Trend Micro has been trying to answer this for thirty years. However, there have been increasing exposures and entry points making it difficult to protect. We need to have sensors in all places to detect threats. At the same time, advanced threats today are looking very innocent but can be very deadly as they attack critical servers”.
She explained that customers are no longer just interested in alerts. In fact, she pointed out that the manpower organisations have is no match for the sheer volume of alerts they receive. And this is where XDR comes in.
Trend Micro's XDR solution is available both as a SaaS-based offering and as a managed service, with the "X" referring to the most extensive sets of data from more protection points, which is critical to finding hidden threats.
Trend Micro XDR is unique as it can:
Provide visibility beyond a single vector as it breaks the silos and goes beyond endpoints, RCA and impact score.
Use cloud-based correlation via a centralised repository, normalised data, threat models, security and analytics with AI correlations.
Proactively hunt via internal and global threat intelligence to enrich discovery and investigation.
“Finally, we can proudly say we can connect all information together and provide visibility over the network and give high fidelity alerts. We are able to correlate endpoint, email, server, network, cloud, IoT environment, with smart filters in each product. Using AI, we are able to correlate alerts and make it an event and no longer deal with individual alerts. We can see where threats come from, go to and the damage done. We can even have an early alert on attacks”, explained Eva.
According to Frank Dickson, Program Vice President, Security and Trust, IDC, over the next five years, there is going to be a skill shortage in IT, especially in cybersecurity, judging by how the industry is growing. Cybersecurity is now becoming more of a people problem as 85% to 90% of organisations are simply not addressing the alerts they are receiving. XDR can change this.
XDR can be integrated with SIEM to help provide high-fidelity events from endpoints, email, networks and servers, and to help reduce alert fatigue for SOC teams. XDR also leans heavily on threat hunting and incident response capabilities out of the box. It reduces the noise SOC teams and CISOs have to deal with when it comes to threat detection.
Where EDR improved on malware detection over antivirus capabilities, XDR extends the range of EDR to encompass more deployed security solutions. XDR has a broader capability than EDR. It utilises the latest and current technologies to provide higher visibility and to collect and correlate threat information, while employing analytics and automation to help detect today's and future attacks.