"Thousands of malware variants emerge daily and new hacking techniques are diligently traded on the dark web. You have to assume that sooner or later malware will infect your PCs or servers." Roel Van Looy, Technical Solutions director, makes no bones about it: "In a contamination, every second counts. So the question is how quickly you detect, isolate and render them harmless.
Why choose XDR?
Antivirus software mainly rejects known files and is therefore behind the times. Today we replace it with Extended Detection and Response (XDR). This technique analyses, in real time and using artificial intelligence, the behaviour of every piece of software, on all PCs and servers in your environment.
To avoid risks, unknown software is also always blocked preventively. Only after manual inspection is it given the green light or not. But known packages are also closely monitored. Any suspicious action, however small, is blocked and reported centrally as an 'alert'. And then it is up to the organisation's IT department to analyse and intervene."
Nikolai is one such security specialist. He handles all alerts within VanRoey | EuroSys: "Want to drive IT staff crazy? Then let them handle these alerts (laughs). Not all alerts are of a bad nature, which makes it anything but easy to decide. Thanks to highly sophisticated A.I., the number of alerts is already reduced considerably, but of course that makes only the most challenging cases fall on our plate.
As if that were not stressful enough, every 'false positive' also causes a blockage in operations. A colleague, process or service cannot temporarily continue without my approval. So we have to move quickly, but with great precision. There is no room for laxity or mistakes."
Managed XDR, or MDR
Roel therefore sees organisations eagerly capitalising on the relatively new Managed Detection & Response (MDR) service: "XDR generates a deluge of complex notifications that make many an IT professional frown. Each one requires very specific knowledge of the matter. Therefore, alert fatigue soon sets in, reducing vigilance and reducing the effectiveness of XDR.
So with MDR, we relieve organisations of this worry and our certified experts take over. Thus, their environment becomes a lot more secure and their IT teams can stay focused on their core tasks.
No solution is foolproof, but MDR is a vital component in any contemporary cybersecurity policy anyway," concludes Roel.