Professional Documents
Culture Documents
MDR
MANAGED MDR SERV C ES W IT H
HIGH-FI DELI T Y ALE R T TR I A G E &
A NALY SI S SER V I CE S F OR
ENDPO I NT S
• Benefit
Xcitium customers can add Xcitium MDR managed services to their EDR deployment to gain full SOC
services with alert triage and analysis support, without needing to increase staff or security expertise.
Xcitium takes on all endpoint alert management, threat hunting, and response activities.
XCITIUM MDR EXPANDS EDR WITH 24-7-365 SOC EXPERTS’ EYES ON GLASS Xcitium’s patented pre-
emptive technologies provide the world’s only detection-less breach prevention strategy at runtime to stop
unknown ransomware, malware, and cyber-attacks from causing damage to your endpoints or business. This
means you get pre-emptive protection of your endpoints and systems without having to rely on detection as the
first line of defense, which is what every other security vendor does, and which is why breaches continue to
occur worldwide. Xcitium MDR employs detection-less technology as its first line of defense, and then also uses
traditional detection techniques in parallel as part of continuous monitoring and threat management.
Xcitium MDR expands your Xcitium deployment to include our 24 x 7 x 365 SOC team’s “expert eyes on glass” to
manage security alerts for your enterprise. Alerts that are generated in the Xcitium customer console are also
reviewed in the SecOps portal where security analysts investigate the attack and the adversarial progressions
taking place in virtualization. They determine the threat’s type and risk profile, and they monitor virtualization
and quarantine operations to determine if additional remediation is required. Guidance is provided to customers
as well, including an assessment of the root cause of an attempted attack, threat hunting results and issues,
and ticket notifications sent that outline analyst recommendation(s).
& TR I A GI NG O F A LER T S T O
PREVE NT FU T U R E AT TA CK S ZeroThreatXcitium MDR is compatible with other
security infrastructures as an add-on
EDR monitoring is about continuously collecting attack solutions. As adversarial tradecraft evolves,
all solutions benefit by preemptive speed and
telemetry and anomalous endpoint events data and performing forbidden dwell time.
correlations in concert with the Xcitium Verdict Cloud, leveraging
Xcitium Threat Laboratories intelligence as well as recommended
F U LL SPECTRU M ED R VI SI BI LI TY
security policy. The Verdict Cloud analyzes unknown files that are
Gain full context of an attack to connect the dots on how adversaries
safely virtualized on your endpoints, and returns a fast malicious/
are attempting to breach your organization.
benign verdict while expert SOC triage efforts focus on real alerts, not
alert fatigue.
ELIMIN ATE ED R ALER T FATI GUE
With Xcitium MDR, you get actionable alerts based on customizable
Xcitium MDR is much better and more usable than other
security policy that notify you about the actions of contained
vendors’ solutions because under the hood our HIGH DEFINITION
activity that could represent ransomware, memory exploits,
EDR engine supports our MDR services by generating only actionable
PowerShell abuse, enumeration — specific attack attempts made by
alerts. No alert fatigue means o u r security analysts can dedicate
the threat plus many other adversarial IoCs. Alerts are also
productive time assessing real issues and vulnerabilities in your
triggered when the Xcitium Recommended Security Policy is violated.
environment without being flooded by alert overloads and false
Dwell time on your real endpoint is reduced to zero, and no damage is
positives.
possible, while your EDR tech is empowered to focus on hardening
against future attacks.
EN D POIN T MAN AGER
Malicious behavior disguised as action typically performed by
Accelerates the practice of cyber hygiene and reduces attack
signed and trusted applications such as PowerShell and Regedit would
surfaces by identifying vulnerable systems and applications.
not be flagged by other EDR tools —this is exactly why attackers use
trusted applications. But Xcitium can see this behavior clearly.
EXPERT SOC AN D STREAM LI NED
Without our EDR, the contained threat often goes unnoticed,
allowing an attacker to steal or ransom your company’s confidential ALERTS TRIAGE SERVICE
data. With ZeroDwell, contained attacks are not longer threats! Many vulnerabilities are caused by a lack of resources and
maintenance processes, and possibly by a lack of the expertise
required to integrate and coordinate security technologies, but
every one of these issues are fully covered and managed by Xcitium
24•7•365 SOC alerts triage, threat hunting, attack investigations and
remediation services.
THE POW E R OF ZE R O.
©Xcitium Inc. All Rights Reserved
Xcitium MDR | Datasheet
XCIT IU M MDR
Xcitium MDR combines EDR with fully Managed Services as an Add-on, combining pre-emptive technology, Anti-Virus (AV), Viruscope
(NGAV), endpoint detection and response (EDR), Host Intrusion Prevention System (HIPS), Firewall (FW), endpoint management (EM), Threat
Hunting, and full MDR Alerts Triage and Response capabilities, to deliver exploit prevention, comprehensive telemetry, full-spectrum
endpoint visibility, enhanced reporting, endpoint management, threat hunting, and alerts management all from one centralized SaaS platform.
KE Y C A PA B IL I T I E S
CLOUD-BASED ARCHITECTURE
Xcitium Advanced uses a lightweight agent on endpoints to monitor, process, network, download, upload, access file systems and peripheral
devices, and log browser events, and it enables you to drill down into incidents with base-event-level granularity.
SALES
US: 646-569-9114
CA: 613-686-3060
EMA I L
sales@xcitium.com
support@xcitium.com
V ISI T
200 Broadacres Drive,
Bloomfield, NJ 07003
United States