eXtended Detection and Response (XDR)
eXtended Detection and Response (XDR) is a cross-endpoint event correlation component, capable of detecting advanced attacks across multiple endpoints in hybrid infrastructures (workstations, servers or containers, running various OS). As part of our comprehensive and integrated Environment Protection Platform, XDR brings together device intelligence across your enterprise network. This solution comes in aid of your incident response teams’ effort to investigate and respond to advanced threats.
Through Bitdefender Endpoint Security Tools , you can deploy the Incidents Sensor on your managed endpoints, to gather hardware and operating system data. Following a client-server framework, the metadata is collected and processed on both sides, and the Security Analytics component correlates the events into rich format incidents, ready for investigation in the Incidents page.
For enhanced accuracy, XDR can integrate metadata collected by the Network Sensor, which listens to the network traffic on your environment, gathering and pre-processing metadata and sending it to the Security Analytics component to correlate it and generate extended incidents.
Note
The Network Sensor requires separate installation and activation:
See Install Network Sensor using vSphere client for details on how to deploy the Network Sensor in your environment using vSphere.
See Install Network Sensor using Hyper-V Manager for details on how to deploy the Network Sensor in your environment using Hyper-V.
This component brings detailed information of the detected incidents, an interactive incident map, remediation actions, and integration with Sandbox Analyzer and HyperDetect.
Page Menu
- Bitdefender – GravityZone
- Report types
- Repair client
- Reconfigure client
- Configuration
- Operation
- Operation
- Best practices
- Viewing and managing scheduled reports
- Announcements
- Executive Summary
- Reports
- Restart machine
- Create reports
- Deleting notifications
- Configuring notification settings
- Taking report-based actions
- Saving reports
- Emailing reports
- Printing reports
- Notifications
- Notification types
- Viewing notifications
- Risk scan
- Best practices
- Credentials Manager
- Patch tasks
- Troubleshooting
- Creating policies
- Assigning policies
- Configuring profiles
- Changing policy settings
- Renaming policies
- Computer policies
- Check my monthly subscription for Bitdefender Security for AWS
- Scan for IOC
- Scan
- Deleting policies
- Exchange scan
- Patch tasks
- Install
- Uninstall client
- Update client
- Network discovery
- Patch Management
- Deleting endpoints
- Threats Xplorer
- Introduction
- Antimalware
- Advanced Threat Control
- HyperDetect
- Advanced Anti-Exploit
- Firewall
- Content Control
- Network Attack Defense
- Using Recovery Manager for encrypted volumes
- Device Control
- Email Security
- Full Disk Encryption
- Security for Exchange
- Sandbox Analyzer
- Endpoint Risk Analytics (ERA)
- eXtended Detection and Response (XDR)
- Security for Storage
- Container Protection
- Endpoint types
- Email Security Licensing & Provisioning
- Install Security Server through Control Center
- Install security agents – standard procedure
- Install Security Server manually
- AD Connect
- Bitdefender Endpoint Security Tools for Linux quick start guide
- Install security agents – use cases
- Whitelist Email
- Configure Email
- Add Mailbox
- Features distribution
- Network inventory
- Checking the endpoints status
- Viewing endpoint details
- Organizing endpoints into Groups
- Sorting, filtering and searching for endpoints
- Viewing and managing tasks
- Running tasks
- Creating quick reports
- Assigning policies