Traditional EDR solutions singularly focus on endpoints' malicious activities to hunt and investigate cyberattacks.
Multi-Vector EDR enables security teams to unify multiple context vectors like asset and software inventory, end-of-life visibility, vulnerabilities and exploits, misconfigurations, network traffic summary, MITRE ATT&CK tactics and techniques, malware, endpoint telemetry, and network reachability by leveraging the
"Qualys Multi-Vector EDR gives a broader view beyond the endpoint, which is necessary to eliminate false positives and more effectively prevent lateral movement. This is possible because Qualys Multi-Vector EDR is native to the cloud platform and collects vast amounts of telemetry from multiple sensors while capturing network information. The Qualys Cloud Agent, combined with the highly scalable Cloud Platform and forthcoming Incident Response capabilities, offers a unique opportunity for MSSPs to consolidate their managed services technology stack and orchestrate the appropriate response for faster and effective protection," said
"Qualys Multi-Vector EDR represents a major extension to both the Qualys Cloud Platform and our agent technology," said
Spell Security Asset Acquisition
Qualys also announced that it has acquired the software assets of startup Spell Security. This acquisition will further strengthen
Qualys Multi-Vector EDR Overview
Qualys Multi-Vector EDR helps security teams stay on top throughout the attack lifecycle from preventative protection, pre- and post-breach detection, automated investigation, and multi-layered response capabilities across the environment via a powerful cloud-based platform.
Cloud Agent Telemetry Collection – Widely deployed
Multi-Vector Detection – Leveraging the highly scalable data lake as part of the Qualys Cloud Platform, security analysts can quickly correlate additional vectors like software inventory, patch levels, vulnerability threat intelligence, and misconfigurations with endpoint telemetry like file, process, registry, network and mutex data. This approach eliminates the need for threat hunters to access multiple security solutions for context.
Investigate and Prioritize – By augmenting in-house MITRE ATT&CK-based detections with other context vectors enriched with third-party threat feeds, security teams can receive real-time alerts, investigate and prioritize security incidents, and threat hunt via intuitive workflows that take into account asset criticality and network attack paths.
Respond and Prevent – Qualys Multi-Vector EDR uses multi-layered response strategies to remediate threats and mitigate the risk in real time. In addition to traditional EDR response actions, Qualys Multi-Vector EDR orchestrates workflows for patching exploitable vulnerabilities and remediating misconfigurations across the environment to prevent attacks on other endpoints. To augment Multi-Vector EDR, endpoint protection capabilities like anti-malware/anti-virus are being added to the agent in Q4 2020.
Qualys Multi-Vector EDR is currently in beta for Windows endpoints and will be released for GA in late Q3 2020. If you would like to join the beta program, please sign up at https://www.qualys.com/beta-signup/. Linux support is targeted for Q1 2021.
- More information on Multi-Vector EDR
- Details on the Qualys Cloud Platform
Qualyson LinkedIn and Twitter
The native Qualys Cloud Platform and its integrated
Tami Casey, Qualys
View original content to download multimedia:http://www.prnewswire.com/news-releases/qualys-unveils-multi-vector-edr-a-new-approach-to-endpoint-detection-and-response-301101812.html