August 7, 2017 / Jay Barbour
How and When to Use Endpoint Detection and Response
Today's cyber security leaders are struggling with the burden of widening attack surfaces from the ever-growing number of endpoints in their networks. Organizations are limited by time, resources and budget in keeping their networks current to combat the ever-changing threat landscape.
This is why Masergy launched its Managed Endpoint Detection and Response service, an extension to our Unified Enterprise Security (UES) solution. This capability gives CISOs visibility into the most vulnerable targets, such as PCs, mobile devices and POS terminals. Cyber criminals are becoming increasingly sophisticated in their attacks. They choose endpoint devices to establish a beachhead from which to gain access to more valuable assets such as databases and servers.
Why is endpoint security critical?
Endpoints are preferred targets for attackers because they are:
- Full of software vulnerabilities
- Prone to human error
For these reasons, endpoints can undermine a solid corporate security strategy. Once attackers take control of endpoints, they can easily move laterally throughout a network, launching attacks and compromising critical information assets that reside throughout the enterprise.
What is Endpoint Detection and Response?
The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) Cybersecurity Framework (https://www.nist.gov/cyberframework
), suggests that an effective security program should follow a methodology that includes not just prevention capabilities, but also detection and response.
Attackers can easily bypass prevention controls. That's why detection and response capabilities are an important addition to a robust cyber security strategy to identify and stop attacks before serious damage is done. Endpoint Detection and Response (EDR) is an emerging technology that leverages tamper-resistant endpoint agents that capture and record core system activity and analyze it for suspicious activity indicative of malware or an attacker. When an attacker is identified, the endpoint can be quarantined to block the attack until remediation can be carried out.
How is Masergy's Managed Endpoint Detection and Response different from others?
While EDR is being adopted by many global companies, it is often out of reach of many mid-sized organizations, requiring significant capital investment, sophisticated management processes and hard-to-find security expertise.
Masergy's Endpoint Detection and Response solution is fully managed, removing these adoption barriers. It is available in an affordable, consumption-based pricing model.
Our Managed EDR is built on our Unified Enterprise Security Managed Detection and Response
platform. We integrate leading endpoint detection and response agent technology, Carbon Black Response
, with Masergy's patented network behavioral analytics and machine learning technology. This combination is most effective at finding suspicious endpoint activity.
How Does Masergy's Managed EDR integrate with my network?
Masergy deploys Carbon Black Response, which consists of an endpoint agent and an onsite Carbon Black Management server. Deployment of Managed EDR also requires Masergy Unified Enterprise Security
Who manages endpoint activity on my network?
Masergy has Security Operations Centers (SOC) in three continents staffed by expert, industry-certified security analysts. Our analysts lead the managed security service industry with tenure and consistently deliver the best customer experience. Masergy leads the pack against competitors with a Net Promoter Score of 74 that puts us on-par with the customer satisfaction levels achieved by global brands such as Apple and Amazon.