John M

EDR, MDR or XDR - Which is the right option?

Updated: Oct 29, 2022

When dealing with IT risk caused by malware, corporate managers often ask: what is the cause of the problem in the first place, and how do we address it?

  • Is it visibility of the network?

  • Is it a problem of evolving attack techniques?

  • Why is malware so evasive – does it ‘mutate’?

  • Why can’t you eliminate the virus once and for all?


The most persistent and frustrating emerging problem in IT security is visibility of networks, which suffers because of silos in implementation. It has now been compounded by the movement of data and devices outside corporate networks, through work-from-home arrangements and public/private Wi-Fi.


As consulting experts, when we encounter these questions we aim for holistic, integrated solutions that address the multi-layered network silos and eliminate fragmentation of the IT security effort. Constant evaluation of the corporate maturity level using our Security Assessment tools helps your cyber security team improve its security efforts, and also gives upper management the communication tools and data to appreciate the risk and support cyber security efforts.


This will ensure that a company functions at full capacity, with management confident that the company is protected because threats are mitigated at all levels using proper Endpoint Security for Business for each layer of your environment. We help assess IT security levels to advise on appropriate tools, procedures and personnel.


You must be asking yourself, what is my organisation's IT Security level?


An organization's IT security maturity level is evidenced by its investment in cyber security capability. Different frameworks are used to determine these levels, but at a high level we assess against the following:




Security Foundations Level – Deals with commodity threats.


Stage 1: Characteristics:

  • Security handled by IT Department.

  • Deals with endpoint detection capabilities from an Endpoint Security Solution.

  • Deals with commodity threats only.


Optimum Security Level – Capable of handling evasive threats.


Stage 2: Characteristics:

  • Security is handled by IT Security Team.

  • Deals with advanced detection and Response.

  • Evidenced by tools, procedures and training for handling a cyber attack/risk.


Expert Security Level – Prepared to handle targeted threats.


Stage 3: Organisational Characteristics:

  • Security is by Expert teams.

  • In-house Security Operation Center (SOC) responsible for continuous monitoring and responding to security incidents.

  • Often subscribe to an outsourced expert team assistance.

The road-map to improvement begins with prioritization of security risks and addressing the threats unique to each organisation, so that all layers and silos are covered. Ariel Technology, together with its global partner Kaspersky, has continued to offer support to various organizations at different stages of IT security maturity.




MDR Framework - (With Kaspersky)


The Managed Detection and Response framework is a subscription service to Kaspersky solutions and expertise covering the full cycle of cyber security. This framework helps to meet an organization at its level with tools and solutions from the Kaspersky portfolio.


These tools include:


Foundational Security Level Solutions:

  1. Kaspersky Endpoint Security for Business

  2. Kaspersky Embedded Systems Security

  3. Kaspersky Hybrid Cloud Security

  4. Kaspersky Security for Mail Server

  5. Kaspersky Security for Internet Gateway

  6. Kaspersky Security for Storage

  7. Kaspersky Premium Support & Professional Services


Optimum Security Level Solutions:

  1. EDRO - Kaspersky Endpoint Detection & Response Optimum.

  2. Kaspersky Sandbox

  3. Kaspersky Threat Intelligence

  4. Kaspersky Security Awareness - KASA



Expert Level Security Solutions:

  1. Kaspersky Cyber security Training.

  2. Kaspersky Threat Intelligence.

  3. Kaspersky Endpoint Detection & Response KEDR.

  4. Kaspersky Anti Targeted Attack - KATA.

  5. Kaspersky Security Assessment.

  6. Kaspersky Incident Response.


XDR (Trend Micro Vision One™) – Cross(X)-Layered Detection and Response.


The ultimate aim: we look to provide our clients with a framework that addresses the following:


  1. Holistic Integrated Visibility of your network.

  2. Proper correlation of solutions.

  3. Reduce alert fatigue.

  4. Experience ease in investigation and analysis.

All this depends on the level of organizational preparedness and investment in IT security. Our vendors will provide tools for all these layered protections.



Contact Ariel Technology for the following:


Endpoint Security

  • Trend Micro Apex One™ SaaS

  • Trend Micro Apex One SaaS with XDR

  • Trend Micro™ XDR for Users

Email and Application Security

  • Trend Micro™ Cloud App Security with XDR

Cloud Workload Security

  • Trend Micro Cloud One™ - Workload Security Essential

Do you want to know how well your current email and endpoint security is really performing? Run our free Security Assessment Service to see if you are effectively protected against the advanced threats that are impacting organizations today.


