TRAINING Deck Partner_Acronis-Cyber-Protect-Cloud-Advanced-SecurityEDR
© Acronis 2022 1
EDR Overview
What’s EDR?
The need for EDR
Sources: “Data Breach Investigations Report”, Verizon, 2022; “Cost of data breach report”, 2022, IBM Security & Ponemon Institute; “Costs and Consequences of Gaps in Vulnerability Response”, ServiceNow, 2020; “Investigation or Exasperation? The State of Security Operations”, IDC
How EDR helps to protect against more threats
Antimalware EDR
Next step – antimalware vs EDR
Category Antimalware EDR
Advanced Security + EDR
Overview
Powered by award-winning endpoint protection
▪ AV-Comparatives Approved Business Security: Real-World Protection Test - 0 false positives; Malware Protection Test - 0 false positives
▪ AV-Test Certified: Detection and Blocking of Advanced Attacks – 100% detection, 0 false positives
▪ ICSA Labs Certified: 0 false positives
Includes all functionalities of Advanced Security
Full feature-based comparison between the two packs is available here
▪ Next-generation anti-malware: Prevent threats with signature- and behavior-based endpoint protection
▪ URL filtering: Extend cyber protection to web browsing to prevent attacks from malicious websites
▪ Exploit prevention: Reduce the risks of exploits and malware taking advantage of clients’ software vulnerabilities
▪ Better protection with fewer resources: Protect backups against malware and enable more aggressive scans by offloading data to central storage, including the cloud
▪ Safe recovery: Prevent threat reoccurrence by integrating anti-malware scans of backups and antivirus database updates into the recovery process
▪ Global and local allowlists: Created from backups to support more aggressive heuristics, preventing false detections
Advanced Security + Endpoint Detection and Response (EDR)
DETECT and RESPOND to advanced attacks that sneak past other endpoint defenses with minimal investigation efforts and with pre-integrated IDENTIFY, PROTECT, and RECOVER capabilities.
Minutes-not-hours detection and incident analysis across MITRE ATT&CK®
Stop the breach and ensure business continuity
Succeed where point solutions fail. Unlock the full power of a platform with integrated capabilities across the NIST framework
▪ Identify – inventory and data classification to better understand attack surface
▪ Protect – threat feed, forensic insights, data protection map, patch management, blocking analyzed attacks, and policy management to reduce risks
Select the actions you want to take, and respond with a single click.
Short EDR story – a bank robbery

1. Robber disguised as technician enters the bank
Bank Security Detection & Response: Benign event
▪ Security guard couldn’t identify the robber due to his impersonation
Advanced Security + EDR: Benign event
▪ EDR records the benign event
▪ Note: AV solution fails to detect the threat (no match in its database)

2. Moves towards Vault
Bank Security Detection & Response: Suspicious event
▪ Technician has no job near vault
Advanced Security + EDR: Suspicious event
▪ EDR records the events

3. Disables Cameras
Bank Security Detection & Response: Suspicious event
▪ Camera shouldn’t be disabled unless prior permission obtained
Advanced Security + EDR: Suspicious event
▪ Another suspicious activity: EDR tries to correlate this activity with other related ones, which might lead to a breach

4. Surveillance team escalates to Security team
Bank Security Detection & Response: Potential breach
▪ Surveillance team unaware of any maintenance on surveillance cameras
▪ High number of suspicious activities
▪ Next step: Escalation to Security team
Advanced Security + EDR: Potential breach
▪ An incident is created and MSP can review the chain of related events.
▪ Each step of the attack is explained by showing what the attacker did and how

5. Security team takes suspect down
Bank Security Detection & Response: Response action
▪ Security team analyses and validates the breach.
▪ Suspect is taken down; team fixes gaps in camera maintenance process e.g. known technicians only with background checks only
Advanced Security + EDR: Single-click response to:
• Investigate further
• Contain threats
• Remediate
• Recover business continuity and data
• Prevent threats from reoccurring
Acronis as a service provider partner
Acronis is dedicated to enabling partners to succeed, instead of competing with them
▪ Rapidly turn up services with a modular approach through a single console and agent
Advanced Security + EDR: Top 4 use cases
Licensing & pricing
Advanced Security + EDR: Licensing
Product name Description
How to package services with Advanced Security + EDR
• Network security
• Network management