Provides customers with comprehensive end-to-end security solution
Blue Coat Systems, Inc., a market leader in enterprise security, has unveiled its Alliance Ecosystem of Endpoint Detection and Response (EDR) partners. Blue Coat developed this ecosystem to allow actionable intelligence gathered from endpoint security solutions to be shared with the entire Blue Coat security portfolio, enhancing customers’ ability to protect, detect and respond to incidents. Founding members of the Blue Coat Endpoint Alliance Ecosystem are Bit9 + Carbon Black, Countertack, Digital Guardian, Guidance Software, Promisec, and TripWire.
As the threat landscape has shifted toward sophisticated attacks capable of inflicting massive damage, most legacy endpoint vendors have not kept pace in the race to protect organisations from evolving methods of attack. As a result, EDR technologies have arisen to provide a new level of visibility and control on the endpoint, quickly consuming the space once occupied by more traditional endpoint technologies.
EDR solutions include a variety of endpoint technologies ranging from application protection and privilege management, whitelisting, execution isolation and comprehensive visibility and control. While the secure proxy remains the most critical control point with complete visibility and control in the network, the intelligence and actionable data that can now be gathered from endpoint devices, such as Windows PC’s and Linux machines, is extremely useful for the security operations and incident response teams. As a result, it is critical that organisations are able to connect the in-depth traffic termination and inspection capability that only a proxy can provide, to the host-level visibility and remediation capabilities within EDR.
“With more and more employees using smartphones, tablets, watches and other devices to connect to enterprise networks, endpoint detection and response takes on a higher level of importance,” said Jon Oltsik, senior principal analyst, ESG. “This alliance provides customers the ability to proactively protect their network with proven endpoint security solutions that are well integrated, providing an added benefit of a potential return on investment.”
“As new technologies like EDR emerge in the cyber security market, organisations are realising that integrating innovative platforms quickly is essential in countering advanced attacks,” said Neal Creighton, CEO, CounterTack. “Our tight integration with Blue Coat is driven by what our customers want, and we’re excited about the go-to-market opportunities together as we deliver best-of-breed endpoint security and network security solutions to the market.”
“Enterprise network administrators dealing with BYOD, shadow IT and the Internet of Things, are realising the need for endpoint detection and response is crucial,” said Peter Doggart, vice president, business development. “Other than the proxy, the endpoint is the only place where IT security has full visibility into what is happening within their environment. By working with leading endpoint detection and response leaders, Blue Coat is providing customers with a truly comprehensive end-to-end solution—from complete network to endpoint visibility and detection, to swift and effective incident response and remediation.”
Benefits of the Blue Coat EDR Ecosystem
- Malware Detection: When unknown malware is detected, Blue Coat will update its Global Intelligence Network and will automatically query the EDR management system to understand if the malware has spread to any endpoints, providing a consolidated report to identify which endpoints are infected. This enables immediate quarantine and quick remediation of those infected machines.
- Time to Resolution: Malware may make its way onto a device through different vectors that do not go through network or inspection technologies. The endpoint vendor will be able to automatically submit any suspicious payloads to Blue Coat and gain additional insight from our sandboxing and security analytics technologies, significantly reducing time to resolution.
- Incident Response and Remediation: To fully understand a breach event or attack, incident responders must look at data from both the endpoint and the network. Blue Coat EDR ecosystem endpoint vendors will be able to provide network security analysts with the ability to pivot directly from an endpoint solution to a comprehensive record of all related network activity for complete incident analysis. Utilising Blue Coat Security Analytics and the Global Intelligence Network, analysts see the full scope, uncovering the root cause with clear evidence and understanding of exactly what was happening before, during and after an event– even threats hiding in encrypted traffic can be discovered when using Blue Coat’s SSL Visibility technologies.
These endpoint and network integrations are expected to become available beginning in August 2015. Please visit the Blue Coat EDR ecosystem page for more information.