CRYSTAL EYE XDR

Extended Detection & Response

IT TAKES 206 DAYS TO IDENTIFY A BREACH AND 314 DAYS TO CONTAIN IT*

A holistic approach to security is required to properly protect your organisation


Crystal Eye XDR (Extended Detection & Response) protects, detects and responds to threats across your whole organisation, all from a single unified platform. It secures your organisation from the cloud to the endpoint with a range of integrated security controls.

Crystal Eye XDR is a unified security platform that quickly detects security incidents anywhere across your business and automatically responds to shut down the threat and minimise the impact to your business.

Problems

  • Security incidents are becoming more complex while compliance obligations are becoming harder to meet.

  • Organisations are struggling with too many products from different vendors which aren’t integrated together.

  • Companies need to be able to quickly identify real threats from all the noise and then initiate rapid response procedures to minimise business impact.


Solution

  • XDR solves these problems by avoiding the complexity of configuring and monitoring separate security systems.

  • XDR offers a single unified platform that delivers security protection, threat detection and incident response across your whole organisation.


Benefits

  • Reduce risk of a security incident

  • Reduce time to detect and respond to an event

  • Reduce cost of securing your business

CRYSTAL EYE ARCHITECTURE

Deployment Options

Crystal Eye is available in the following flexible deployment options:

XDR – Extended Detection & Response

  • XDR involves the collection and correlation of event data from endpoint, network and cloud sensors to identify real threats anywhere in your environment and automatically trigger a coordinated response to secure your business.

  • It is pre-configured to be ready to go out-of-the-box, so it delivers a consistent level of security without the complexity of integrating products from multiple vendors.

  • Our network-based and cloud-based sensors (via the Crystal Eye Firewall) deliver Network Detection & Response (NDR), and our host-based sensors (via our XDR End-points) deliver End-Point Detection & Response (EDR). Both feed data back to our Crystal Eye Orchestrate centralised management console to deliver Extended Detection & Response (XDR).

  • Orchestrate acts as a data lake to collect all the data for correlation and response coordination. This is a significantly simpler process due to the standard data format and shared data storage used across the Crystal Eye products, which avoids the laborious task of normalising and correlating data from different sources.


More than SIEM

  • XDR avoids the complex integration required with Security Information & Event Management (SIEM) and breaks down the silos between different systems by having a single data store for all events.

  • Where SIEM focuses on pulling the data together into events, XDR has the added benefit of proactive and automated rapid response to stop threats in their tracks before real damage occurs. XDR goes a step further to provide advanced threat detection with research analysis labs to support defensive efforts.


Integrated SOAR

  • Our XDR solution has integrated Security Orchestration, Automation & Response (SOAR) processes which allow you to automate responses to low-risk threats and coordinate responses to high-risk threats with the relevant resources.

  • These capabilities are typically not accessible for most organisations, but our integrated SOAR approach provides a comprehensive, cost-effective response solution available to businesses of any size. Our automated incident response process is executed immediately when a breach occurs and is significantly cheaper than alternative options.

Crystal Eye XDR Data Flow Architecture

Crystal Eye Orchestrate is responsible for communication between the various components of the platform to facilitate the collection of data from the various sensors, the normalisation and correlation of the data in the centralised Data Lake and then the orchestration of threat detection and incident response activities.


MDR – Managed Detection & Response

  • We offer a fully managed XDR solution to take on the responsibility for operating the platform, so our certified security analysts in our 24/7 SOC are available to investigate and resolve security incidents in real-time across your network and help coordinate rapid response activities.


IRM – Integrated Risk Management

  • The Crystal Eye Integrated Risk Management solution provides an automated and integrated approach to meeting your compliance obligations. It pulls together relevant compliance information and controls from multiple points across your network into a central dashboard that allows you to manage and report on that information to ensure you're compliant with a range of standards, and it provides a snapshot of your compliance posture at a point in time.

  • The compliance journey can be a painstaking process that requires a lot of investment in time and resources. Our IRM module automates the majority of the work required to achieve and maintain compliance, thereby significantly reducing the cost for your business to gain a competitive edge in the market.

  • Crystal Eye IRM can also be integrated into our eCISO (electronic Chief Information Security Officer) product and vCISO (virtual Chief Information Security Officer) service to deliver a comprehensive solution to Integrated Risk Management.

Crystal Eye Firewall (FW)

The Crystal Eye platform includes a full-featured next-generation firewall with a range of integrated security controls such as firewall, IPS, secure web gateway and secure email gateway. This ties into our overall XDR platform to deliver superior protection for your business.

Integrated Vulnerability Management

  • Crystal Eye offers vulnerability tuning within the IPS engine to provide virtual patching against known vulnerabilities identified in your environment.

  • The moment you install Crystal Eye, it runs a scan of your environment and shows you the number of vulnerabilities that have been detected, then it shows you how many have exploits which are leaving you at risk and how many are now being protected by Crystal Eye.


An Integrated Approach

  • Crystal Eye XDR delivers a comprehensive solution across a range of security areas, with the whole platform working together to protect, detect and respond to threats in your environment.

  • This all works together to provide a single defence-in-depth platform to mitigate risks to your organisation.

  • Our modular approach can be tailored to meet the needs of each company, so you can pick and choose what matters most to you without implementing the whole solution.

  • It's about business outcomes and managing risks specific to your needs, not just about technology for the sake of it.


*IBM Cost of a Data Breach Report, 2019