Gartner’s New Buzzword

Gartner have a new buzzword, Endpoint Detection and Response (EDR). We want you to find the solutions that enable you to deliver it and deliver it profitably!

EDR – is the acronym for Endpoint Detection and Response which is one of the hottest topics for 2018 in the industry. 2017 saw the real emergence of EDR but 2018 is shaping up to dwarf last year.

Industry analyst Gartner, spawned the concept in 2013 has concluded that a more proactive approach is now needed, no longer can we simply attempt to block attacks, we must provide early and effective detection to minimise dwell time and damage and quite simply, this is what EDR provides.

EDR allows service providers, resellers and IT companies to climb the value chain by adding this solution to their portfolio and providing a valuable new layer of protection to customers’ security infrastructure.

All of this is great, but it only works of your chosen EDR is rapid to deploy, easy to use and manage and most importantly, profitable.

How do you make EDR profitable?

Complexity jumps straight out as a consideration; most solutions require multiple agents, and this adds a huge overhead into your management of the solution on your customers behalf. If they are managing themselves then it’s likely they won’t have the resource need to manage to solution.

Most EDR solutions, because of the way that they work are very “noisy”, huge amounts of alerts are generated, and these then have to be sifted through by a human. As has always been the case with other ground-breaking solutions, this makes them useless because of the time it takes to get to the right alerts.

It sounds as though all we are offering here is a complex and noisy solution. Unless this becomes a tick box on a compliance form will it ever offer value to you or your customers?

It’s a simple answer, and that answer is yes. Many new players are releasing their versions of EDR but the market leader is still SentinelOne and as their MSSP Partner Custodian360 simplifies the solution even more.

Custodian360: Giving you the tools and resource to provide value

Custodian360 is the only way to obtain SentinelOne as a fully managed service.

What does this mean for you? It means you can deploy the market leading EDR solution to your customers with no need to “skill up” or recruit new staff to manage a deluge of alerts every day or setup your own SOC to manage operations. Once the single agent is deployed, your job is done and Custodian360 take over operations entirely.

There are a number of features that Custodian360 provide and some of these are critical elements in any EDR solution:

  1. Rapid Deployment – Cloud Based Console up and running in minutes.
  2. Simple – There is only one agent, not many.
  3. Ease of use – A single console shows you everything you need to know.
  4. Automated Mitigation and Remediation – No need for you to manually intervene. Our analysts do that for you and remediate threats whenever necessary ensuring downtime is kept to an absolute minimum.
  5. Compatibility – Works with all Operating Systems and can co-exist with existing AV solutions.
  6. Artificial Intelligence and Machine Learning – Enables the agent to learn to identify false positives to reduce alerts and focus is given to real and dangerous threats.
  7. Automated Reporting and Alerting – Configure once and receive your reports monthly or weekly along with notifications of all alerts if required.

But do customers even want EDR?

I don’t think we’d be exaggerating if we said that customers’ demand for EDR is about to go stratospheric.

An EDR article in eSecurity Planet describes the growth in EDR as “explosive” and they report that Gartner’s forecast “is for almost 50% annual growth for EDR at least through 2020, putting it way out in front of most areas of IT”.

From this it’s a small step to work out the market value, again, according to Gartner’s EDR Estimates of some $1.5 billion – very likely when you consider that out of some 711 million devices that can make use of EDR, only 40 million currently do!

“Alert Fatigue” is already a well used term but a recent global EDR survey found that 72% of respondents report that their teams already suffer “alert fatigue” so if you can take away that fatigue for them and provide an effective and market leading solution, you can see why they will want to buy.

The message from the market is clear: for service providers, resellers and other IT partners, EDR is a revenue boost waiting to happen.

Just make sure you choose to sell solutions that are actually usable!