SABABA XDR

Attacks have become more sophisticated and harder to detect. The rapid shift to hybrid working means the use of personal devices and home networks, thus reducing visibility and creating blind spots where attacks go undetected. Combine that with understaffed and under skilled security teams, as well as the growing costs and complexity to manage several standalone systems. With this level of complexity, it is therefore even more difficult to detect early signs of an ongoing cyber-attack. According to IBM, it takes an average of 287 days to identify and contain a breach.

Centralised security monitoring can help to overcome this challenge. However, SIEM users struggle with high operational costs and complain of being overloaded with false positives. Many other organisations try to scale down security monitoring with Extended Detection and Response (XDR) solutions, but these technologies often turn out to have no local team to support a client in his language and time zone.

Sababa XDR combines the XDR technology with customised services to constantly analyse security events generated by endpoints, network, and cloud assets. Monitoring, incident response and triage are conducted by a group of dedicated cybersecurity engineers, who detect and respond to threats, providing faster support to clients.

The solution has an open architecture, allowing it to be integrated with existing endpoint agents. It means that the telemetry coming from the infrastructure is correlated for the security analysts with a reduced false positive rate. This allows the service to use no SIEM, and therefore, be independent from third-party sources, which are difficult to control. Analysts can spot and investigate anomalous behaviours and potential threats coming from the outside (north-south) and the inside (east-west) of the perimeter.