DGS CyLABs: eXtended Detection and Response (xDR)

To reduce the attack surface and simplify threat analysis and response processes, within the xDR cyber security laboratory (CyLAB), DGS experts study and identify new methodologies and technologies to protect the entire technological infrastructure.

In today’s environment, in which the technology infrastructure has expanded its boundaries to include networks, clouds, endpoints and applications in order to support business evolution, many organizations use multiple security tools to protect themselves from threats. These tools generate a collection of timely but unrelated information and an unmanageable number of notifications for security teams that are already overburdened with managing solutions and analyzing alerts.
For this reason, organizations need a new approach to security that provides complete visibility of the entire infrastructure and enables rapid detection of and response to threats.
eXtended Detection and Response (xDR) is an approach to threat detection and response that enables full visibility of data across networks, clouds, endpoints, and applications by employing analytics and automation to detect, identify, and analyze threats and to execute related countermeasures.

The distinguishing feature of the xDR approach is that it provides visibility into all phases of the attack lifecycle, in correlation with the entire environment: from infiltration to lateral movement to cleanup or mitigation.
Independent adoption of EDR, SIEM and other solutions does not provide the strategic context and correlation needed to meaningfully assess threats to the technology infrastructure. The xDR approach fills this gap.
In our xDR CyLAB, DGS experts study and identify new methodologies and technologies to increase cyber threat detection and response capability, with the following goals:

  • automatically detect and respond to targeted attacks;
  • natively support analysis of user behavior and technology assets;
  • provide threat intelligence;
  • reduce false positives;
  • integrate relevant data from the entire infrastructure for faster and more accurate incident triage;
  • perform comprehensive analysis on all threat vectors;
  • automate and orchestrate activities to optimize SOC processes;
  • improve threat detection, protection and response capabilities;
  • improve productivity of operational security personnel.

The results of the xDR lab enable DGS to concretely support companies in implementing cutting-edge cybersecurity strategies that can protect the entire technology infrastructure by automating Security Operations Center (SOC) processes.
