MOUNTAIN VIEW, Calif., April 16, 2020 /PRNewswire/ — Respond Software today announced analysis support of Endpoint Detection and Response (EDR) data from Carbon Black, CrowdStrike and SentinelOne by the Respond Analyst – the virtual cybersecurity analyst for security operations. The Respond Analyst provides customers with expert EDR analysis right out of the box, creating immediate business value in security operations for organizations across industries.
The Respond Analyst provides a highly cost-effective and thorough way to analyze security-related alerts and data to free up people and budget from initial monitoring and investigative tasks. The software uses integrated reasoning – decision-making that leverages multiple alerting telemetries, contextual sources and threat intelligence – to actively monitor and triage security events in near real-time. Respond Software is now applying this unique approach to EDR data to reduce the number of false positives from noisy EDR feeds and turn transactional sensor data into actionable security insights.
Mike Armistead, CEO and co-founder, Respond Software, said: “As security teams increase investment in EDR capabilities, they not only must find and retain endpoint analysis capabilities but also sift through massive amounts of data to separate false positives from real security incidents. The Respond Analyst augments security personnel with our unique Robotic Decision Automation software that delivers thorough, consistent and 24x7x365 analysis of security data – from network to endpoint – saving budget and time for the security team. It derives maximum value from EDR at a level of speed and efficiency unmatched by any other solution today.”
Jim Routh, head of enterprise information risk management, MassMutual, said: “Data science is the foundation for MassMutual’s cybersecurity program. Applying mathematics and machine learning models to security operations functions to improve productivity and analytic capability is an important part of this foundation.”
Jon Davis, CEO of SecureNation, said: “SecureNation has made a commitment to its customers to deliver the right technology that enables the right security automation at lower operating costs. The EDR skills enabled by the Respond Analyst will make it possible for SecureNation to continue to provide the most comprehensive, responsive managed detection and response service available to support the escalating needs of enterprises today and into the future.”
The Respond Analyst: Integrated Reasoning Closes the EDR Gap
EDR solutions capture and evaluate a broad spectrum of attacks spanning the MITRE ATT&CK Framework. These products often produce alerts with a high degree of uncertainty, requiring costly triage by skilled security analysts that can take five to 15 minutes on average to complete. A security analyst must pivot to piece together information from various security product consoles, generating multiple manual queries per system, process and account. The analyst must also conduct context and scoping queries. All this analysis requires deep expert system knowledge in order to isolate specific threats.
The Respond Analyst removes the need for multiple console interactions by automating the investigation, scoping and prioritization of alerts into real, actionable incidents. With the addition of EDR analysis, Respond Software broadens the integrated reasoning capabilities of the Respond Analyst to include endpoint system details – identifying incidents related to suspect activity from binaries, client apps, PowerShell and other suspicious entities.
Combining EDR analysis with insights from network intrusion detection, web filtering and other network telemetries, the Respond Analyst extends its already comprehensive coverage. This allows security operations centers to increase visibility, efficiency and effectiveness, thereby reducing false positives and increasing the probability of identifying true malicious and actionable activity early in the attack cycle.
EDR Availability within the Respond Analyst
The EDR capability is already in beta deployment at several enterprises. General availability is scheduled for April 30.
Resources for EDR
- Download the Respond Analyst At-a-Glance
- Read the Blog: Respond Software Announces Automated Detection and Investigation of EDR Data
- Register for the Webinar: Automating SecOps – Monitoring & Triage for EDR Events, Tuesday, April 21 at 8:15 am PT.
- Learn How It Works within the Security Environment
About the Respond Analyst
The Respond Analyst is a virtual security analyst built on robotic decision automation (RDA), a new class of software automation for security operations. RDA combines the best of human judgment with the scale, consistency and depth of analysis of software, along with the reasoning and decision-making skills needed to tackle the complexity and high volume of data facing security teams today.
About Respond Software
Respond Software delivers near-instant return on investment to organizations in their battle against cyber-crime. As a leader in the emerging class of automated software known as Robotic Decision Automation (RDA), Respond Software is working to address the critical shortage of skilled security analysts impacting security teams of all sizes. Its patented intelligent decision engine uniquely combines human expert judgment with the scale and consistency of software to dramatically increase capacity and improve monitoring and triage capabilities at a fraction of the cost of in-house or outsourced personnel. Respond Software was founded in 2016 by security and software industry veterans and services customers across critical infrastructure sectors such as banking, energy, and retail.
https://respond-software.com/.
For more information, press only:
Katrina Porter, katrina.porter@nadelphelan.com, PT
Carmen Harris, carmen@respond-software.com, CT
SOURCE Respond Software