Every endpoint in an organization – from employee computers and mobile devices, to servers, cloud workloads and containers – is an entryway through which attackers can gain access and potentially steal valuable company data. With more employees today working in hybrid and remote situations, often using their personal devices to connect to company networks, security professionals have seen the number of endpoints in their environments grow exponentially. At the same time, exploits and attacks on endpoints are increasing. According to one study, 68% of organizations have experienced an endpoint attack that compromised data or their IT infrastructure, and 80% of successful attacks were new or unknown zero-day attacks.
The expanded threat landscape and increasing frequency of cybersecurity attacks are why it’s important for organizations of all sizes to have a comprehensive endpoint detection and response (EDR) solution. It is no longer a question of if an organization will be compromised, but when. For this reason, security professionals should not focus solely on preventing attacks – they must also ensure they have the detection, investigation and response capabilities to identify when their organization has been penetrated, understand how the attack is unfolding, and quickly take action to mitigate it. This is the essence of EDR.
But not all EDR solutions are created equal. We are proud to share that Bitdefender has been named a “Strong Performer” in endpoint detection and response in the new report “The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022.” The report evaluates 15 EDR offerings based on 20 individual criteria including Investigation Capabilities, Product Vision, Product Security, ATT&CK alignment and more, to show how each EDR provider measures up and help security professionals select the right solution for their needs.
Strong Endpoint Detection and Response with GravityZone Ultra
Among the 15 evaluated providers is GravityZone Ultra, Bitdefender’s unified security platform incorporating endpoint protection (EPP), endpoint detection and response (EDR) and advanced risk analytics, all managed from a single console. We’re extremely proud to share that Bitdefender achieved the highest possible scores in the criteria of Investigation Capabilities, ATT&CK alignment, Product Vision, Product Security, and Supported Systems.
Our highlights from the report include:
Highest score possible in Investigation Capabilities
GravityZone Ultra earned the highest score possible in the Investigation Capabilities criterion. Whenever a threat is identified, one of the biggest challenges security professionals face is trying to quickly understand what happened, how far reaching the threat is, was the organization breached, and if so, what was affected. This is where investigation capabilities are so important and why they are a core capability in an EDR solution.
GravityZone Ultra provides the right insights, context and visualizations that security teams need to answer these questions and respond quickly. It enables security analysts to easily triage alerts and investigate incidents using attack timeline and sandbox output, allowing them to react immediately and stop ongoing attacks with a single mouse click.
Fully Aligned with the MITRE ATT&CK Framework
According to the report, GravityZone Ultra maps all telemetry, malicious or benign, to the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques used to evaluate the effectiveness of cybersecurity solutions.
Unlike some other EDR vendors, Bitdefender not only aligns all our cybersecurity solutions with the MITRE ATT&CK Framework, we also actively participate in annual MITRE Engenuity ATT&CK Evaluations to test the effectiveness of our detection capabilities in real-world scenarios. In the 2022 MITRE ATT&CK Evaluations for enterprise, GravityZone Ultra detected 97% of all major attack steps on Windows machines and 100% of all adversary techniques used against Linux systems. This demonstrates GravityZone Ultra’s ability to successfully detect the advanced, zero-day exploits targeting organizations’ endpoints to help our customers become more cyber resilient.
Innovative Product Vision
In the report, Bitdefender achieved the highest possible score in the criterion of Product Vision, indicating, in our opinion, that our vision and roadmap for GravityZone Ultra aligns with customers’ current and future needs.
At Bitdefender, we pride ourselves in partnering closely with our clients to understand their unique needs and build solutions that solve their difficult challenges. More than half of Bitdefender employees are in Research and Development roles and this strong emphasis on R&D results in the design and development of cybersecurity solutions that deliver the right capabilities and the greatest value to the market.
A prime example of this is the way we’ve built cross-endpoint event correlation technology into GravityZone Ultra. This technology takes threat detection and visiblity to a new level by applying XDR capabilities for detecting advanced threats involving multiple endpoints in hybrid infrastructures. We built cross-endpoint event correlation into our EDR solution because, in speaking with our customers, we understood that they need more robust detection and response capabilities across all types of endpoints and operating systems. This capability provides EDR customers many of the benefits of an extended detection and response (XDR) platform, without having to move to a full XDR solution.
Continuing Innovation and Customer Satisfaction
We believe Bitdefender’s latest recognition as a Strong Performer in EDR builds upon recognition we also received in evaluations for Extended Detection and Response (XDR) and Endpoint Security Software as a Service, all of which demonstrate, in our opinion, our commitment to investing in industry-leading detection and response capabilities on top of our proven threat intelligence and prevention capabilities.
The report states:
“The Bitdefender offering is straightforward and reliable. It supports a wide array of OS versions and distributions across Windows, Mac, and Linux, more than most in this evaluation. The user interface is logical and clean, combines individual alerts into related incidents, and provides helpful context and color coding within an incident.”
Most importantly, our customers have spoken. The report goes on to note:
“Reference customers lauded [Bitdefender’s] support and product teams, as well as the partnership it brings to the table.”
We’re proud that our customers recognize and appreciate the partnership we have with them as we continue to focus on delivering solutions that meet their needs and strengthen their cyber resiliency in the face of complex threats.
Download a complimentary copy of the report “The Forrester Wave™: Endpoint Detection and Response, Q2 2022” to learn more about EDR security.