VMware Carbon Black Cloud XDR is a consolidation of endpoint and workload security capabilities that provide critical visibility into the network and cloud - reducing blind spots, detecting threats faster, and automating remediation using authoritative context across these domains.
VMware Carbon Black Cloud XDR uses its access to raw data collected across the environment to detect bad actors that are using legitimate software to gain access to the system. This correlation is often something security information and event management software (SIEMs) are often unable to do. The automated analysis and correlation of activity data allows security teams to contain threats more effectively as it can extend to include network detections, lateral movement, anomalous connections, beacons, exfiltration, and delivery of malicious artifacts.
Like EDR, XDR responds to the threat to contain and remove it. The difference is with the holistic visibility and context that is part of XDR, it can respond more effectively to the impacted asset, due to its superior data collection and integration with the environment. This pointed detection and response helps to contain not only the threat itself, but also the impact - reducing downtime on critical infrastructure.
There are three parts to XDR: Telemetry and data analysis, detection, and response
XDR extends the capabilities of EDR across all the security layers in the environment. Rather than the single point of view that EDR provides, XDR enables telemetry and behavioral analysis across multiple security layers. This allows security teams to see a better picture of their entire environment.
As bad actors increase the complexity of their attacks, they are not limited to a single security layer. Security teams must also evolve and not limit their view to one layer, either. EDR is a focused view that gives security professionals visibility into endpoints that might be compromised, but this may not be enough. This is where XDR comes in to provide that holistic view of activity across the environment that avoids visibility gaps. XDR allows security teams to understand where a threat comes from and how it is spreading across the environment to eliminate it and allow security teams to stop threats in the future.
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.