By Nikki Ralston, Product Marketing, Threat Prevention
Microsoft Defender for Endpoint integrates with Check Point’s extended detection and response (XDR) solution – Horizon XDR/XPR. One-click integration connects the endpoint solution, and its telemetry is added to the XDR/XPR artificial intelligence (AI) driven data correlation engine. XDR/XPR combines data from Defender for Endpoint with additional Check Point products and other 3rd party data sources, and correlates between them to uncover attacks that previously remained under the radar.
Faster Attack Prevention with XDR/XPR and Defender
The ability to automatically perform AI analysis across data from Microsoft Defender for Endpoint and multiple Check Point and 3rd-party security products deployed in the organization powers intelligent correlation that can uncover stealth attacks that currently go undetected.
The most dangerous, sophisticated attackers invest heavily in flying under the radar and avoiding detection for as long as possible. They exploit the fact that most organizations deploy their security solutions in disconnected silos. Each solution is responsible for protecting a specific vector (email, network traffic, endpoint, etc.), but there is usually no connection between them. During such an attack, multiple solutions may detect minor activity that on its own doesn’t warrant an alert, but when Horizon XDR/XPR analyzes data from multiple solutions together, it is able to find correlations and detect that an attack is underway. This correlation across solutions is how XDR/XPR detects dangerous attacks that otherwise would have remained undetected, giving security teams the ability to stop attacks before serious damage is done.
How does it work?
Check Point Horizon XDR/XPR consolidates events and alerts from across your security estate to power intelligent correlation, uncover stealth threats, and take automatic prevention actions when there is an attack. With Horizon XDR/XPR your business can enjoy:
· Comprehensive threat prevention
Across the entire security estate, leveraging integrations with Check Point and 3rd party security solutions.
· Intelligent threat & event correlation
Prevention is powered by AI and threat intelligence, correlating Check Point and 3rd party data.
· Consolidated analytics
Visibility into attack behavior, context, and damage. Understand where the attack is within the kill chain.