The new extension of the ESET security solution for EDR significantly minimizes the response time when detecting and processing cyber incidents. This relieves the burden on those responsible for IT.
The IT security vendor ESET has released its Endpoint Detection and Response (EDR) security solution with an expanded range of functions and improved automated detection and processing of anomalies. ESET Inspect also includes the new “Incident Creator”, which significantly reduces the response time and the time administrators need to record and resolve incidents. ESET is thus responding to the desire of many companies to use the advantages of EDR solutions even with limited IT resources.
Admins must check EDR information
“We have noticeably minimized the effort for ESET Inspect and still significantly increased security performance. EDR solutions per se generate a large amount of individual information that administrators have to spend time checking, putting into context and evaluating. With the Incident Creator and the Incident Rules, we are taking an innovative approach that relieves the burden on IT managers,” says Alexander Opel, Product Technology Manager at ESET Germany. “Our technology automatically combines detected anomalies into comprehensive incidents and visualizes them in an appealing way. This gives administrators a better overview of the company network, and they can react even faster to threats.”
Incident Creator combines individual events into comprehensive incidents
The Incident Creator is already considered the heart of intelligent automation for EDR. This feature uses correlation algorithms to search across the multitude of devices on the network. By analyzing patterns and relationships, the Incident Creator can group related detections and threat indicators into incidents. It works completely “under the hood”, continuously learns from the data flow and requires little training.
Incident Rules for Advanced Correlation
In parallel, rules can be used to link events into incidents. ESET already provides a ready-made ruleset, which users can change as they wish or replace with one created from scratch. Incident rules go beyond simple correlation: they enable the construction of complex incidents by linking detections and threat indicators based on sophisticated, user-defined criteria.
New dashboard for innovative incident management
A new incident management dashboard has been created to investigate and resolve manual and automated incidents. It offers users the following options:
- Investigating and resolving incidents based on existing workflows from the “Detections” area.
- Visualizations of incidents in the form of graphs. By clicking on individual components (e.g. events, detections, processes) in the diagrams, the user can see more detailed information about them.
- Buttons for feedback or ratings of incidents (e.g. false positive / true positive).
- ESET Inspect creates a notification for each incident created. This means that users are notified in a timely manner about all relevant security incidents and can react quickly and effectively.
Further improvements to the EDR solution
In addition, ESET has integrated several other improvements into its EDR solution. Most notable is the improved performance, which enables smooth work even in situations with high data load and demand.
Another important improvement to the rules engine is the ability for users to enable or disable new rules. This feature provides a greater level of customization and control over the security environment. Users can now better tailor the behavior of the rules engine to their specific security needs and preferences.
About ESET
ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.