In this product showcase, we look at Red Piranha’s Crystal Eye XDR platform. Red Piranha pioneered the integrated security service model back in 2015 with out-of-the-box MDR and Incident Response capability, now known as XDR. Since then, the Crystal Eye XDR platform has expanded its feature set to cover Integrated Risk Management (IRM), as well as Endpoint Protection with its Crystal Eye Attack Surface Reduction (CEASR) App and an extended range of deployment options across the organisation’s full stack.
A recent Gartner report on emerging technology on the horizon for information security identified that technology platforms like Red Piranha’s Crystal Eye could be looked at to deal with the complexity brought to security by the sophistication of threat actors and their campaigns. The report predicts a growing need for cross-functional security capabilities that meet evolving customer demand, outlining the need for tactical changes to align Integrated Risk Management with XDR capabilities.
There is a heated debate going on at the moment around what XDR really is. Is it a single platform with full feature integration complete with standardised data lake and data normalisation to reduce the engineering burden? Or is it a range of products that can be integrated to roll out a holistic security program? As Gartner writes in its last Market Watch report on XDR, it can be both.
This doesn’t change the fact that we should all be implementing a controls-based approach to managing risk in our security program, but the truth is, this can be expensive. With one of the major barriers to achieving a mature managed security program being lack of staff and lack of budget, you should make the decision around what type of XDR platform works for you, based on the resources you have available and what stage you are at with your security maturity journey.
The Crystal Eye XDR platform takes a fully integrated security feature approach, which provides major benefits. Lower staffing costs and fewer engineering resources are required, so you, as a security leader, can focus less on integration issues and more on security outcomes. Deployment is made easy with its integrated marketplace, allowing features to be selected for your specific operating model. Deployment options can be selected with full Secure Web Gateway and routing, or in-line deployment running alongside other networking infrastructure. Deployment options are also flexibly aimed at security outcomes and visibility based on placement in the infrastructure.
Once deployed, integration and deployment of security controls is plug-and-play, and accompanying integrated service packages offered by Red Piranha can be selected based on the security outcomes you are trying to achieve. This truly simplifies what traditionally used to be a major engineering burden, down to the push of a button. Deploying NDR with a fully compliant incident response program, including policy and process, is as easy as filling out the details and selecting the service level options in the platform. Then it all just works, with Red Piranha offering a high level of service with a true security partnership model between you and the team, giving you access to a full security village on demand.
Incident response capabilities are extended via the platform with true human-machine teaming, push-button escalation of IOCs to Red Piranha SOC specialists, as well as the automated CESOC correlation and monitoring platform. Within minutes, the response process can be triggered into action to deal with a potential breach, following pre-defined playbooks that work alongside an impressive integrated toolset for on-demand PCAP analysis, end-device RAM forensics and much more, all wrapped into a response program that will stand up in court if necessary. This leaves you with the ability to get on with your business, and the capacity to deal with security outcomes, not integration issues between a fractured set of security tools.
More impressively, Red Piranha has taken Crystal Eye XDR a step further with the IRM. The CEASR endpoint is integrated into the platform and works alongside the DFIR endpoints and EDR to give you full enterprise attack surface reduction. This was built to give government agencies in Australia the ability to meet the Australian Signals Directorate’s strictest compliance requirements, but for enterprises this can be used to get a major uplift in risk reduction when it comes to ransomware and insider threats. Working alongside the integrated and trademarked eCISO solution (one of the world’s first electronic CISO programs), this allows customers to roll out Policy Advancement, staff training and asset management, segmentation, and access control to start your zero-trust journey and ongoing vulnerability management, all through one unified platform.
Crystal Eye XDR can be deployed on-premise, or with a growing number of SASE cloud deployment options. Security reporting, for single or multiple deployments, can all be managed from Red Piranha’s Orchestrate management platform, making this truly a market leader in security orchestration and automated response. SOAR is no longer a buzzword but has true meaning and value to the enterprise.
Request a product demo to learn more.