Cloud-native application protection platforms (CNAPPs) are a unified and tightly integrated set of security and compliance capabilities designed to secure and protect cloud-native applications across development and production. CNAPPs consolidate a large number of previously siloed capabilities, including container scanning, cloud security posture management, infrastructure as code scanning, cloud infrastructure entitlement management, runtime cloud workload protection and runtime vulnerability/configuration scanning.
The Endpoint Detection and Response Solutions (EDR) market is defined as solutions that record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems. EDR solutions must provide the following four primary capabilities: • Detect security incidents • Contain the incident at the endpoint • Investigate security incidents • Provide remediation guidance
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed end-user endpoints — including desktop PCs, laptop PCs, and mobile devices — against known and unknown malicious attacks. Additionally, EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents deployed to endpoints and connected to centralized security analytics and management interfaces.
Extended detection and response (XDR) delivers security incident detection and automated response capabilities for security infrastructure. XDR integrates threat intelligence and telemetry data from multiple sources with security analytics to provide contextualization and correlation of security alerts. XDR must include native sensors, and can be delivered on-premises or as a SaaS offering. Typically, it is deployed by organizations with smaller security teams.
Infrastructure monitoring tools capture the health and resource utilization of IT infrastructure components, no matter where they reside (e.g., in a data center, at the edge, infrastructure as a service [IaaS] or platform as a service [PaaS] in the cloud). This enables I&O leaders to monitor and collate the availability and resource utilization data of physical and virtual entities — including servers, containers, network devices, database instances, hypervisors and storage. These tools collect data in real time and perform historical data analysis or trending of the elements they monitor.
Managed detection and response (MDR) services provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to rapidly detect, analyze, investigate and actively respond through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoint, network, logs and cloud. Telemetry is analyzed within the provider’s platform using a range of techniques. This process allows for investigation by experts skilled in threat hunting and incident management, who deliver outcomes that businesses can act upon.
Mobile threat defense (MTD) products protect organizations from threats on iOS and Android devices. MTD products protect at the device, network and application levels and focus on countering malicious actions.
Gartner defines operational technology (OT) as “hardware and software that detects or causes a change, through direct monitoring and/or control of industrial equipment, assets, processes and events”. OT security includes practices and technologies used to protect them, but these practices and technologies are now evolving into distinct categories to address the growing threats, security practices and vendor dynamics.
Reviews for 'Security Solutions - Others'