In the previous article on MDR, we listed some tips on how to choose the right SOC team to monitor endpoint security for an organization. Today we want to say more about the EDR – the “detection” part of Sababa MDR, which recognizes and stops cyber-attacks in minutes. The solution is based on EDR by Sangfor, which recently received the highest protection, performance and usability scores from AV Test as the best antivirus software for business users.
The shared threat intelligence and multi-layered response mechanisms, which derive from the Sangfor Platform-X cloud-based security analysis and management system, provide real-time information about global threats and the way they affect different local environments. The solution identifies unknown threats at a granular level and quickly applies suitable containment actions.
Unlike more traditional solutions, which isolate malicious files at the endpoint, the EDR uses multiple mechanisms to mitigate and fight back against malware. The response includes isolation of the endpoint host or of the service group, followed by a file reliability check, isolation, and deletion.
To illustrate how the technology, now available as part of Sababa MDR, can protect against a fast-spreading new virus, we recall a story involving Coca-Cola from 2019.
Coca-Cola produces and distributes over 2 billion unit cases annually, so its supply chain plays a central role in this process. Coca-Cola Bottler Management Services (Shanghai) is an important element of that chain, as it manages the Coca-Cola non-carbonated beverage production plants in China. In 2019, the company’s system experienced an attempted cyber-attack, which turned out to be a big flop.
The story began after an outbreak of the Chinese virus “Driving Life”. Many companies in Shanghai, Dongguan, and Wuhan were severely infected, with Intranet access blocked and data transmission delayed. The virus stole corporate account passwords and used them to log into servers, desktops and mobile devices, spreading fast across the network. Most Chinese enterprises still rely on traditional security systems designed to respond only to “known” threats, and are thus helpless against unknown and more complex ones.
Fortunately, that was not the case for Coca-Cola. Working with Sangfor Technologies, it had upgraded its security protection system with a few technologies, including EDR by Sangfor. The upgrade comprehensively improved the company’s ability to detect and respond to emerging threats. Working in conjunction with the AI-powered innovative malware detection engine, the solution gradually learns how to identify unknown malicious files, including unknown viruses and their variants. This technology allowed the company to dismantle the Driving Life virus in less than 6 minutes.
Sababa MDR combines EDR powered by Sangfor, which stops cyber-attacks in minutes, with constant SOC monitoring capabilities. Download the brochure to learn more about Sababa MDR capabilities for SMBs and MSSPs.
Image: A Coca-Cola can in China. Photo: Sumeth anu/Shutterstock