eXtended Detection and Response (XDR)
eXtended Detection and Response (XDR) is a cross-endpoint event correlation component, capable of detecting advanced attacks across multiple endpoints in hybrid infrastructures (workstations, servers or containers, running various operating systems). As part of our comprehensive and integrated Environment Protection Platform, XDR brings together device intelligence across your enterprise network. This solution supports your incident response teams in investigating and responding to advanced threats.
Through Bitdefender Endpoint Security Tools, you can deploy the Incidents Sensor on your managed endpoints to gather hardware and operating system data. Following a client-server framework, the metadata is collected and processed on both sides, and the Security Analytics component correlates the events into rich-format incidents, ready for investigation in the Incidents page.
For enhanced accuracy, XDR can integrate metadata collected by the Network Sensor, which listens to the network traffic in your environment, gathers and pre-processes metadata, and sends it to the Security Analytics component, which correlates it and generates extended incidents.
The Network Sensor requires separate installation and activation:
See Install Network Sensor using vSphere client for details on how to deploy the Network Sensor in your environment using vSphere.
See Install Network Sensor using Hyper-V Manager for details on how to deploy the Network Sensor in your environment using Hyper-V.
This component provides detailed information about the detected incidents, an interactive incident map, remediation actions, and integration with Sandbox Analyzer and HyperDetect.