The purpose of this article is to provide the top EDR news for August through September of 2022. Endpoint Detection and Response (EDR) solutions continue to evolve and the past two months have shown advancements from some of the top players in the industry. EDR solutions have been at the forefront of security initiatives along with MFA due to their effectiveness in not only preventing cyber security incidents but also providing remediation and forensics.
The growth has been fueled by insurance providers requiring EDR for cyber insurance policies. Many insurance providers now require organizations to have EDR solutions or else be dropped from coverage.
Overview of EDR News from August to September 2022
- Cybereason launches mobile app for SOC analysts
- SentinelOne launches XDR Ingest
- CrowdStrike introduced AI-powered indicators of attacks (IoAs)
- FortiEDR now available on GCP
- Huntress releases its Endpoint Detection and Response capabilities
Cybereason Launches Mobile App for SOC Analysts
With Cybereason, you now have your SOC at your fingertips. Cybereason launched its mobile app to give SOC analysts the ability to respond faster to incidents. Cybereason customers can work with the Cybereason SOC to remediate threats, get reports, and chat with Cybereason’s SOC. Cybereason claims this will reduce communication latency periods and improve mean-time-to-resolution (MTTR).
SentinelOne Launches XDR Ingest
SentinelOne launched their XDR Ingest product in August of 2022. This platform provides SentinelOne customers with “a data platform to ingest, retain, correlate, search, and action all enterprise security data – real time and historical, from any source”. Basically, it’s similar to a SIEM in that it aggregates and correlates log data, but SentinelOne claims that it has a better ingestion process and lower retention cost. Adding features like this may put SentinelOne ahead of competitors like Cylance and Carbon Black.
CrowdStrike AI-powered Indicators of Attacks (IoAs)
CrowdStrike introduced AI-powered indicators of attacks (IoAs) to its Falcon product at this year’s Black Hat USA 2022 conference. Existing CrowdStrike customers get this benefit with no additional configuration or cost. CrowdStrike is using its cloud platform along with AI and human expertise to detect, classify, and provide remediation steps for new patterns of attacks it sees in the wild. This will help organizations drive automation in responding to attacks and reduce false positives, according to CrowdStrike.
FortiEDR Now Available on Google Cloud Platform (GCP)
On September 7th, 2022, Fortinet announced the release of its EDR solution (FortiEDR) for Google Cloud customers. FortiEDR and FortiXDR will integrate with Google Cloud’s Security Command Center. This will allow SOC analysts to audit and correlate detections and threats for Google Cloud assets. FortiEDR had already been supported on both Azure and AWS.
Huntress Announces Its EDR Capabilities
Huntress, the threat intelligence and managed security platform, has announced its capabilities in the EDR space. The solution, known as Process Insights, will provide some of the functionality that traditional EDR solutions provide, such as managed antivirus and host isolation. The technology behind the EDR capabilities comes from its acquisition of Level Effect in 2021.
Conclusion of EDR News for Q3
Q3 2022 saw a lot of activity for EDR vendors. The year will likely end with more vendors getting into the fray with their spin on EDR and XDR. 2022 has shown itself to be a race for vendors who are trying to be a top 10 EDR solution.