eXtended Detection and Response (XDR)
eXtended Detection and Response (XDR) is a cross-endpoint event correlation component, capable of detecting advanced attacks across multiple endpoints in hybrid infrastructures (workstations, servers or containers, running various OS). As part of our comprehensive and integrated Environment Protection Platform, XDR brings together device intelligence across your enterprise network. This solution comes in aid of your incident response teams’ effort to investigate and respond to advanced threats.
Through Bitdefender Endpoint Security Tools , you can deploy the Incidents Sensor on your managed endpoints, to gather hardware and operating system data. Following a client-server framework, the metadata is collected and processed on both sides, and the Security Analytics component correlates the events into rich format incidents, ready for investigation in the Incidents page.
For enhanced accuracy, XDR can integrate metadata collected by the Network Sensor, which listens to the network traffic on your environment, gathering and pre-processing metadata and sending it to the Security Analytics component to correlate it and generate extended incidents.
Note
The Network Sensor requires separate installation and activation:
See Install Network Sensor using vSphere client for details on how to deploy the Network Sensor in your environment using vSphere.
See Install Network Sensor using Hyper-V Manager for details on how to deploy the Network Sensor in your environment using Hyper-V.
This component brings detailed information of the detected incidents, an interactive incident map, remediation actions, and integration with Sandbox Analyzer and HyperDetect.
Page Menu
- Bitdefender – GravityZone
- Viewing notifications
- Executive Summary
- Announcements
- Viewing and managing scheduled reports
- Best practices
- Operation
- Operation
- Configuration
- Reconfigure client
- Reports
- Report types
- Create reports
- Notification types
- Notifications
- Printing reports
- Emailing reports
- Saving reports
- Taking report-based actions
- Configuring notification settings
- Deleting notifications
- Repair client
- Restart machine
- Network discovery
- Changing policy settings
- Configuring profiles
- Assigning policies
- Creating policies
- Troubleshooting
- Patch tasks
- Credentials Manager
- Best practices
- Renaming policies
- Computer policies
- Risk scan
- Update client
- Uninstall client
- Install
- Patch tasks
- Exchange scan
- Deleting policies
- Scan
- Scan for IOC
- Allow file download blocked by Bitdefender
- Features distribution
- Content Control
- Firewall
- Advanced Anti-Exploit
- HyperDetect
- Advanced Threat Control
- Antimalware
- Introduction
- Threats Xplorer
- Network Attack Defense
- Patch Management
- Device Control
- Container Protection
- Security for Storage
- eXtended Detection and Response (XDR)
- Endpoint Risk Analytics (ERA)
- Sandbox Analyzer
- Security for Exchange
- Full Disk Encryption
- Email Security
- Deleting endpoints
- Using Recovery Manager for encrypted volumes
- Assigning policies
- Whitelist Email
- Install security agents – use cases
- Bitdefender Endpoint Security Tools for Linux quick start guide
- AD Connect
- Install Security Server manually
- Install security agents – standard procedure
- Install Security Server through Control Center
- Email Security Licensing & Provisioning
- Configure Email
- Add Mailbox
- Endpoint types
- Creating quick reports
- Running tasks
- Viewing and managing tasks
- Sorting, filtering and searching for endpoints
- Organizing endpoints into Groups
- Viewing endpoint details
- Checking the endpoints status
- Network inventory
- Check my monthly subscription for Bitdefender Security for AWS