Extended Detection and Response

Extended Detection and Response (XDR) – for reliable protection of the IT infrastructure

70 percent of all successful cyber attacks start on an endpoint.

Preventative protective measures, such as anti-virus software, are therefore not enough on their own. Extended Detection and Response offers a 360° view of documents, identities, endpoints and cloud workloads and reliably detects typical anomalies. It helps protect your IT infrastructure from even the most sophisticated cyber attacks.

Extended and improved security for endpoints and data

By detecting anomalies in the IT infrastructure, XDR can identify sophisticated attacks such as fileless or zero-day attacks. Relevant security incidents on workplace computers, smartphones, tablets, servers and cloud workloads are incorporated into a single central dashboard. Security officers are immediately informed about the attack and can, ideally, respond before the attacker infiltrates the network further. Using the XDR dashboard, the cybersecurity professionals in the Security Operations Center (SOC) can take initial defensive measures, such as quarantining a suspicious file, while advanced threat hunting options also help identify the attacker within the company’s own infrastructure.

When is it the right solution?

Endpoints in companies are the primary target of cybercriminal attacks. As many recent successful attacks have shown, preventative protective measures, such as anti-virus and firewalls, are no longer sufficient. You therefore have to take additional measures to reliably detect and respond to attacks.

Heterogeneously configured endpoints and cloud workloads provide cybercriminals with a wide range of potential targets. In addition, with the increasing trend towards employees working outside the corporate network, the security department or SOC often lacks an inside view of the endpoints, processes and network activities to detect attacks. What they need, therefore, is a system capable of analysing behaviour over the entire infrastructure, correlating information from a wide range of sources, evaluating suspicious incidents and reporting these to a central hub.

Your benefits

  • Protects user accounts and endpoints from sophisticated attacks using behaviour-based analysis
  • Reduces the security team’s workload thanks to automated analysis and defence
  • End-to-end overview of security incidents on endpoints and in cloud workloads

The first step

How does Extended Detection and Response (XDR) work?

The service runs on a standardised platform for detecting and responding to security incidents. The platform collects, correlates and evaluates data from multiple security components and sources, including endpoints, identities, apps, e-mails, documents and cloud workloads. Upon detecting unusual behaviour or an attack, the XDR service automatically generates security alerts or incidents. Incidents are centrally visible in the dashboard and can be seen and responded to by the security officers.

How does Endpoint Detection & Response (EDR) work?

Why Swisscom?

Expertise

We protect you with policies and regulations that are constantly updated.

Integration

By being integrated into our SOC, you minimise your security risk.

Managed Service

You benefit from our proven, in-depth security expertise.

Application examples

How Extended Detection and Response supports your security requirements.

Real-time overview

The customer requirement

You want a constant overview of the activities in your IT infrastructure to enable an immediate response to security incidents.

Our solution

The XDR dashboard gives you a real-time, at-a-glance overview of the status of your endpoints and cloud workloads.

Protection against sophisticated cyber attacks

The customer requirement

You want to improve the level of IT security and be protected against sophisticated attacks that circumvent preventive measures such as anti-virus software.

Our solution

Thanks to its behaviour analysis system, XDR instantly identifies suspicious activities on the monitored environments and is able to take action automatically. If manual interventions are also required, your security professionals can respond promptly. XDR increases your level of security.

Protection beyond the corporate network

The customer requirement

Your employees are increasingly working outside your company premises; on site with customers or from home for example. Despite this, smartphones, company laptops, identities, e-mails and documents still need to be protected.

Our solution

XDR is a cloud-based solution that protects endpoints irrespective of how they are connected to the internet. This approach therefore allows the IT strategy to shift from perimeter protection to endpoint security.

A lack of resources to operate XDR

The customer requirement

You want optimum protection for your endpoints, but you don’t have the resources or expertise to operate an XDR solution.

Our solution

Use Extended Detection and Response and the services of a Security Operation Center (SOC) as a Managed Service(opens in new tab) from Swisscom.

Our partner

Paloalto Networks Logo
logo microsoft security

Find out more

Our experts will be happy to answer your questions. Contact us.