Securonix announced a new product for its cloud-native platform: Securonix Open XDR. The new product comes with Securonix Autonomous Threat Sweep (ATS) and gives customers the threat detection and response capabilities needed to respond swiftly to sophisticated threats across endpoints, networks and hybrid cloud environments.
Securonix Open XDR is delivered through a cloud-native security analytics platform, enabling users to mix and match solutions based on their own unique risk profiles and business needs. The fully integrated solution delivers out-of-the-box threat detection and response across endpoints, networks and the cloud for rapid time to value.
Securonix Open XDR marries its pioneering user and entity behavior analytics (UEBA) solution with XDR to provide threat detection capabilities. In synergy with Securonix intelligent SOAR capabilities, Open XDR creates a true end-to-end security operations fabric for threat detection, response, automation and orchestration.
“Most XDR offerings simply try to extend EDR capabilities with some canned analytics. It is X-EDR, not XDR,” said Sachin Nayyar, CEO at Securonix. “The harsh reality is that effective defense against emerging threats requires more than that – more advanced correlation, more and better risk prioritization, and more control over not just endpoints, but across many different entities, on-premises and in the cloud. We have combined the best of analytics and automation with best of breed telemetry and detection to provide our customers with next-level threat detection and response capabilities that other vendors are promising but have yet to deliver.”
Securonix Open XDR seamlessly ingests any data – real-time or historic, from any source – and combines security data lake and threat hunting, UEBA and SOAR into a centralized product. This unique combination gives customers the end-to-end visibility needed in today’s complex enterprise environments, arming their security operations teams with:
- Enhanced detection: Securonix delivers industry-leading machine learning-powered behavior analytics through its advanced UEBA engine, and MITRE ATT&CK-based threat chains combine weak signals to prioritize high-priority threats.
- Context-based prioritization: Security events are autonomously enriched with identity and asset context for risk boosting, and threat chains are generated for correlation, combining vulnerabilities, alerts and threat intelligence for proper risk prioritization.
- Fast search and threat hunting: Enriched events take real-time context into account to provide security teams with an unprecedented level of up-to-date information. Fast long-term and live search also bolster threat hunting capabilities.
- Faster time to respond: Response times are decreased significantly due to Securonix’s built-in threat intelligence, powered by adversary behavior analytics and native SOAR automation and case management.
As a key part of its new XDR offering and capabilities, Securonix also unveiled Securonix Autonomous Threat Sweep, a new feature that delivers automated cyber response. Acting like an organization’s Cyber Rapid Response Team, Securonix ATS provides air cover for security operations teams, autonomously analyzing new information about emerging threats as soon as they surface to proactively hunt for signs of compromise. ATS then automates rapid response and acts as a force multiplier for incident responders and threat hunters.
Securonix ATS provides customers with:
- Actionable alerts and reporting: ATS provides timely and actionable notifications and reports that inform customers of new critical threats and indicators of compromise (IoC) in their environments, as well as all threats ATS has assessed historically.
- IoC and behavioral-driven threat hunting: In Raw Intelligence Mode, ATS automatically extracts IoCs from threat intelligence sources to hunt for emerging threats in long-term historical data. In TTP Mode, ATS applies sophisticated approaches from TTPs, helping threat hunters identify indicators of action in the absence of prior knowledge about IoCs.
- Reanalysis of long-term historical data: XDR solutions and traditional SIEMs typically only retain data available for live search for short periods of time, making them ineffective in detecting threats with long dwell and hibernation times. ATS hunts for IoCs and anomalous behavior over long periods of time and on historical timescales.
“We have been using the Securonix XDR and Autonomous Threat Sweep capabilities with integrations for our endpoint solutions to maximize our ability to detect and prioritize advanced threats,” said JP Cheenepalli, Director Cybersecurity Engineering at AmerisourceBergen. “We are excited to leverage the Securonix unified XDR offering that packages behavior analytics, threat hunting and response capabilities in one solution to simplify the overall user experience, and empowers us to rapidly detect, investigate and respond to threats.”
Securonix Open XDR with Autonomous Threat Sweep is available now.