CIO Influence
Automation CIO Influence News Security

Forescout Addresses Modern SecOps Challenges with Launch of Forescout XDR

Forescout Addresses Modern SecOps Challenges with Launch of Forescout XDR

Forescout Technologies Inc., the global leader in automated cybersecurity, unveiled Forescout XDR, to help enterprises better detect, investigate, and respond to the broadest range of advanced threats, across the extended enterprise.

A typical SOC is flooded with 450 alerts per hour, and analysts waste precious time trying to correlate low fidelity alerts and chasing false positives, often at the expense of focusing on legitimate attacks. Until now, a security operations center’s (SOC) field of view for threat detection and response has excluded critical devices that are increasingly common points of attack, including operational technology (OT), industrial control systems (ICS), building management systems (BMS), and medical and IoT devices. In addition, the technology stack that SecOps teams have had to rely on has made it difficult to respond to these threats in a rapid and comprehensive manner.

CIO INFLUENCE: Ericsson presents a Green Financing Framework

“The true value of an XDR solution lies in its ability to ingest telemetry and data from across the entire enterprise: cloud, campus, remote and datacenter environments, and every managed and unmanaged connected device. This is what the X in XDR is all about, after all,” said Justin Foster, CTO, Forescout. “Traditional XDR products lack this capability, or they only leverage data from the vendor’s own EDR or a few other security tools. This significantly limits the flexibility, scalability and effectiveness that an XDR solution must provide.”

Through the advanced application of data science and automation, Forescout XDR generates one high-fidelity alert that truly warrants analyst investigation, from every 50 million logs ingested, per hour. Because Forescout XDR is vendor- and EDR-agnostic, this ingestion includes data from over 170 security, infrastructure, application, cloud/SaaS and enrichment sources, and dozens of leading vendors. And with over 70 sources of threat intelligence and 1500 verified detection rules and models, and data onboarding included, Forescout XDR customers can be operational within hours, actively detecting, investigating, and responding to threats.

CIO INFLUENCE: Apprentice Now Joins Amazon Web Services Training Partner Program to Deliver AWS Cloud Skills Training

“Forescout XDR, with the breadth and richness of its capabilities, particularly its dashboards and reporting, provides an out-of-the-box solution to SOC challenges that we spent 18-24 months trying to address,” said Samer Mansour, CISO, Panasonic Corporation of North America. “It was easy to deploy, and fully operational in a matter of weeks. And with its tight integration to Forescout’s network security and visibility solutions, and our broader security tech stack, it gives us the ability to exert a lot more control across our IT and OT environments, and further elevate our overall security.”

Seamless integration with Forescout’s industry-leading network access control solution helps ensure that customers can:

  1. Reduce the attack surface, and the risk of an attack in the first place, by preventing compromised or non-compliant devices from connecting to their networks. This proactive approach to XDR further elevates the effectiveness and performance of a modern SOC.
  2. Automate response workflows that can immediately touch every managed and unmanaged connected device, across the enterprise. This reduces an attack’s blast radius in real-time, allowing proper mitigation or remediation measures to be completed.

Because Forescout XDR has a multi-tenant architecture and supports local data storage while also being able to provide an aggregated global view of threats and SOC performance, it is ideally suited to large enterprises, multi-nationals, organizations with regional SOCs and managed security service providers (MSSPs).

CIO INFLUENCE: PlainID Launches The PlainID Technology Network to Enable Identity Aware Security for Advanced Access Control

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

ITechnology Weekly Highlights : Top ITech News To Read

CIO Influence Staff Writer

CrowdStrike is the First Cybersecurity ISV Founded for the Cloud to Exceed $1 Billion in AWS Marketplace Sales

PR Newswire

Legaltech Startup Councilbox Raises €5m From Adara Ventures, Telefónica, And Abanca

CIO Influence News Desk