Fortra Leans On XDR For Full Spectrum Security
July 22, 2024 Alex Woodie
When it comes to security, more is often better. As in, more security professionals running more security products and services that deliver more overlapping coverage of your security weaknesses. The good news for IBM i shops is that Fortra delivers more solutions with more coverage than probably anyone else in the industry, particularly with its XDR solution.
XDR, or extended detection and response, is the state of the art for enterprise security today, and essentially is replacing security information and event management (SIEM) tools at the top of the security food chain, says Tom Huntington, the vice president of technical services for Fortra (formerly HelpSystems).
“XDR basically means that you’re capable of touching everything cybersecurity, and bringing all cybersecurity events in,” Huntington told IT Jungle at the recent COMMON POWERUp event in Fort Worth, Texas. “Instead of just managing your network appliances and your servers that are critical – like an IBM i would be, or Microsoft SQL Server – we are also able to do all your end points, your desktops, because everything has cybersecurity events.”
The idea behind XDR is to move away from the traditional siloed security approach by delivering holistic protection against cyberattacks, unauthorized access, and misuse, according to Palo Alto Networks, whose CTO, Nir Zuk, coined the term XDR back in 2018.
Fortra started down the XDR path with its March 2022 acquisition of Alert Logic. At the time, Alert Logic provided managed detection and response (MDR) services to about 4,000 global customers. Fortra bolstered the Alert Logic offering with support for endpoint detection and response (EDR) capabilities, and eventually
Today, the company offers Fortra XDR as a managed service. The solution provides full coverage of customers’ entire IT estates, from on-prem to cloud, with a suite of advanced analytics and machine learning capabilities to detect sophisticated attacks.
By combining the native IBM i security event collection capabilities of its PowerTech suite with Fortra XDR, Fortra is confident that it can detect incidents involving the IBM i server as well as every other machine in the enterprise.
“We’re kind of in a unique position in that we can come in and say, hey IBM i customer, not only are we the ones who have IBM i monitoring for cybersecurity, we also have the rest,” Huntington says.
Fortra doesn’t let customers manage Fortra XDR themselves. The Linux-based offering is only available as a managed service due to the level of complexity involved with running such a complicated system, Huntington said.
“We manage on premise environments, but we really don’t allow the customer to run their own SIEM,” he says. “It’s too complicated for that midsize, small customer. They don’t have the staff, not to do it properly. And the bad actors don’t care how smart you are or how dumb you are when it comes to cybersecurity – they’re going to come at you.”
Fortra also maintains a staff of highly trained individuals who can work with the XDR solution and others to turn the reams of incoming security log and event data into actionable information – not an easy task in today’s environment.
“We’ve got millions and millions of cybersecurity transactions coming in, and we’re in a unique position because we have a whole staff of AI data scientists and data analysts on the Fortra team and we’re using machine learning and AI for analyzing that data,” Huntington said.
Another advantage that Fortra has is its relationship with law enforcement. The company works with agencies in the U.S. and other countries to bring cybercriminals to justice when it detects cybercrimes committed against its clients and others.
“A lot of the companies we deal with, or even customers, don’t realize what Fortra is doing in the wild of cybersecurity,” Huntington says. “We work directly with the FBI, Interpol, and other government agencies around the globe to take bad actors down.”