On March 1, 2023, Forescout Technologies, a leading automated cybersecurity solutions provider, launched Forescout XDR to enhance enterprises' investigation, detection, and response capabilities against advanced threats across their extended enterprises.
Currently, security operation centers (SOCs) are inundated with an average of 450 alerts per hour, and analysts often spend precious time correlating low-fidelity alerts and chasing false positives. Forescout XDR uses data science and automation to generate a single high-fidelity alert every hour from 50 million logs ingested, reducing the number of alerts that warrant further investigation and thus enabling analysts to focus on legitimate attacks.
Forescout XDR is vendor- and EDR-agnostic and collects data from over 170 sources, including security, cloud/SaaS infrastructure and enrichment sources, as well as dozens of leading vendors.
Forescout XDR contains over 70 threat information sources and 1500 confirmed detection rules and models. With data onboarding included, customers may become operational in hours, actively identifying, investigating, and responding to risks.
SOCs till now have excluded critical devices that are increasingly common points of attack, such as industrial control systems (ICS), operational technology (OT), building management systems (BMS), and IoT and medical devices. Furthermore, the technological stack on which SecOps teams have been forced to rely has made it impossible to respond to these threats promptly and thoroughly.
The technology integration with Forescout's network access control solution facilitates proactive prevention of attacks by reducing the attack surface through restriction of compromised or non-compliant devices from connecting to their networks and automating response workflows that can immediately touch every connected device throughout the enterprise. Thus helping reduce the blast radius of an attack in real-time, allowing proper mitigation or remediation measures to be completed.
Forescout XDR includes a multi-tenant architecture and supports local data storage while also providing an aggregated global view of threats and SOC performance. It is ideal for large firms, global corporations, and organizations with regional managed security service providers (MSSPs) and SOCs.
The SaaS licensing pricing model is based on the total amount of endpoints in the enterprise, offering customers the flexibility to leverage the data sources they need to support their use cases without concern for fluctuating costs associated with cloud log storage.
About Forescout Technologies Inc.
Forescout Technologies, Inc. protects the Enterprise of Things through comprehensive identification, segmentation, and enforcement of compliance with every connected device. The company's enterprise-class platform has been widely deployed across managed and unmanaged IT, IoT, and OT devices, making it a trusted choice for Fortune 1000 companies. Forescout provides organizations with the most extensive device intelligence in the world, enabling them to classify risks precisely, detect irregularities, and promptly remediate cyber threats without harming essential business assets.