Additional Info

Company: Sangfor Technologies
Website: http://www.sangfor.com
Company size (employees): 5,000 to 9,999
Type of solution: Software

Overview

While Cross-layered Detection & Response (XDR) products have become very popular by improving threat detection, they have not done well at defending systems from malware and APT threats. Their biggest limitation is that, being centered around endpoint protection, they do not truly coordinate with network devices: there is no sharing of anomalous behavior and no coordination of responses.

Sangfor XDDR is a framework that goes beyond traditional XDR by implementing a real integrated security solution, providing a holistic response to malware infections and APT breaches across the entire organization’s network, with ease of management, operation, and maintenance.

XDDR directly integrates Sangfor and certain third-party products together, allowing them to directly communicate with each other, extending and overlapping their spheres of influence. This allows an unprecedented correlation of anomalous behavior between endpoints and that seen on the network and in the cloud.

XDDR puts emphasis on the coordinated response, ready to contain and mitigate that one breach WHEN it happens.

• Scheduled or on-demand Endpoint Secure vulnerability scanning initiated by NGAF
• Vulnerability scan results sent back to NGAF for closed-loop patch recommendations, including global threat correlation
• Enterprise asset tracking and rogue asset detection
• Endpoint Secure Protect Agent Ransomware honeypot capability
• Real-time Threat Intelligence (TI) from cloud-based Neural-X recognizes new malware signatures discovered by Sangfor TI sources
• Network-Wide Threat Disposal allows the administrator to respond quickly to a large malware outbreak
• NGAF integration can prevent malware from communicating with Command & Control servers and from propagating across enterprise domains
• Cyber Command for enhanced threat detection/response

How we are different

1. Multi-Dimensional Response
An example of XDDR synergy is between Sangfor Endpoint Secure and NGAF. Both Endpoint Secure and NGAF use the innovative Sangfor Engine Zero anti-malware analysis engines to detect and block APTs. Although Engine Zero has an extremely high detection success rate, it is still not 100% effective. No solution is. Thus, we consider anti-malware to be a “best effort.” Effective security is being prepared for “when” something gets through, and not “if” it gets through.


2. XDDR is 360 Degree Protection
- End-to-End Network Protection
- Uncovers hidden threats to on-site/remote employees
- Simplified SOAR
- Business Impact Analysis


3. XDDR Security Synergy
Security products have spheres of influence based on their function. Malware using Artificial Intelligence (AI) can exploit the gaps between the spheres of influence.


XDDR directly coordinates responses between Sangfor and some third-party products, using Cyber Command to integrate threat information and orchestrate actions among them, extending and overlapping their spheres of influence. This allows an unprecedented correlation of anomalous behavior between endpoints and that seen on the network and in the cloud.