RSA 2019: Implementing EDR Across Multiple Device Types

RSA 2019 presented several notable themes. In almost every conversation, there was talk of making cyber security more pervasive and continuous. At the same time, solution providers were striving to show how they could make SecOps more efficient.

Ziften was certainly contributing to this conversation at RSA. With their Microsoft partnership, Ziften customers can now deploy endpoint protection (plus detection and response) on machines running Windows, Linux or Mac operating systems. This protects servers as well as work stations.

The advantage of the multiple device approach to EDR is to centralize the management of endpoint protection, detection and response—contributing to SecOps efficiency in the process. In addition, Ziften’s architecture pushes EDR data into the cloud for continuous analysis. This enables real time awareness of endpoint security problems and rapid response.

Roark Pollock, Senior Chief Marketing Officer at Ziften

According to Roark Pollock, Chief Marketing Officer at Ziften, “The traditional approach to EDR was to look review months of offline data retrospectively. The world has moved past the relevance of this strategy. SecOps has to know what’s happening on their endpoints right away, no matter what kind of endpoint it might be.”

It’s part of a bigger picture, going beyond anti-virus. “We report on use of unauthorized apps in real time. We give people a picture across the whole network, determining which endpoints are running outside of policy,” Pollock added. “And, we help SecOps prioritize on what to fix first.” With this type of solution, organizations can better manage their security posture and hygiene methodology.

The Microsoft partnership is paying dividends, with strong business growth and a great deal of interest from joint customers. Ziften has created a customized channel program to deal with demand.

Photo Credit: dejankrsmanovic Flickr via Compfight cc