GravityZone XDR promises to reduce attacker dwell time with robust detection, quick triage, and automated threat containment. Credit: Peterscode / Getty Images Cybersecurity software maker Bitdefender threw its hat into the extended detection and response (XDR) ring Thursday with a native offering it’s calling GravityZone XDR. The product is designed to get security teams up and running out of the box, with features that include:Rapid, cross-correlation threat detection, which uses leading-edge mathematics and threat behavior models to detect advanced threats, initial attack stages, and anomalous application and identity behaviorsAutomated threat identification and prioritization, which uses a built-in incident advisor for root cause and threat context analysis, allowing security teams of any size and skillset to view threat detections, understand a threat’s impact on operations, and take recommended actions to contain or eliminate threats—all from a single viewRecommended threat response actions that can be resolved across endpoints, identities, email, cloud, and applications, with a single clickBitdefender also worked on making these features easy to use. “Security technology can seem overwhelming to a security analyst, let alone a layperson, so we built the user interface hand-in-hand with our customers through an early access program,” explains Bitdefender vice president for product and technical marketing Amy Blackshaw. “Customers partnered with us day in, day out, not just on capabilities and problems they were trying to solve, but on how they wanted to consume information from a UI and UX perspective. What that has led to is a very intuitive design.”XDR built on existing cybersecurity investments“In the journey to XDR, businesses want to build upon their existing cybersecurity investments,” Michael Suby, a vice president of research at IDC, said in a statement. “They also want XDR to produce tangible results, such as reducing attacker dwell time and improving SOC efficiency. By adding features like pre-built detections into sensors (minimizing custom detection writing), root cause analysis, and alert prioritization, Bitdefender is hitting both objectives.” Mahmood Haq, CISO at MyVest, a wealth management company, also praised Bitdefender’s product. “GravityZone XDR excels at connecting and correlating incidents over time throughout our entire operations, and we experienced immediate value,” he said in a statement. “The benefit of having a single-vendor solution with out-of-the-box detection capabilities for identifying and investigating known and unknown threats and providing our analysts with the knowledge of what and how an incident happened with the best ways to respond cannot be overstated.” Native XDR controls what’s coming into the systemA lot of the implementations today are native XDR, which use the vendor’s toolset, observes Forrester Analyst Allie Mellen. “That makes a lot of sense because the challenge of integrating other tools from another third-party ecosystem are the same as those we’ve seen with SIEM,” she says. “Once you start trying to optimize for flexibility and modularity, it becomes difficult to control the quality of protection and to continuously provide detection.”“Native XDR has taken hold with a lot vendors because it allows them to control what’s coming into the system and what’s going out of the system so they can optimize detection,” Mellen adds. The alternative to native XDR is open or hybrid XDR. “An open XDR vendor is focusing on the security analytics layer, but doesn’t own the downwind security stack,” Blackshaw explains. “They work through integration of other vendors’ technology, usually through alliances or an ecosystem of security vendors.A positive aspect of hybrid XDR is it has the potential to mix best-of-breed applications with its offering. “But,” Mellen notes, “clients aren’t as concerned about going for best of breed as they used to be and many of the vendors providing the platform approach already have the best tools on the market.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe