Modern enterprises are facing enormous cyber security challenges. The SOC teams are acquiring and managing multiple solutions (TIPs, SOARs, SIEMs, vulnerability management, etc) in order to try to keep pace with the volume, velocity, and complexity of the threats they are facing. Managing these disparate solutions and trying to efficiently leverage their capabilities is adding to the already heavy workload faced by today’s SOCs.

Consolidation is Key

‍Looking at this challenge from a deployment architecture point of view, SOARs and SIEMs are already consolidating. You can look at the example of Phantom and Splunk as a perfect illustration. But the next natural evolution that will provide real benefits to SOC teams is the consolidation of threat Intelligence platforms (TIPs) to the now unifying SIEM/SOARs. TIP+SIEM+SOAR provides the building blocks for effective Detection and Response, or what’s now being called Extended Detection and Response.

That’s why we are launching our Augur predictive detection and response platform (pXDR). Augur will help with that consolidation by improving visibility on threats, providing automation and enrichment for enforcement, and correlation orchestration data of multiple systems into a single-pane-of-glass.

What is the p in pXDR?

The Augur pXDR consolidates core TIP, SIEM, and SOAR functionalities. But its core predictive intelligence capabilities make it truly unique - providing proactive protection, helping your SOC team move from defense to offense.

Augur’s machine-learning-driven predictive threat intelligence detects the buildup of cybercriminal infrastructure. Augur can predict attacks on average 51+ days before first reports, with a 0.01% false-positive rate, by profiling and modeling behavioral patterns.

Augur isn’t just a “next-gen” platform. It’s a revolution in security strategy because of its ability to identify threat infrastructure buildup and attribute it to threat actor groups. Augur correlates those predictions against your internal data and more than 120 external sources and then automates blocking of identified threat vectors long before other security companies report any IOCs.

Intelligence, Automation, and Orchestration

Augur pXDR integrates with your current security stack to improve coverage, orchestrate response, streamline workflow, and help your analysts stay ahead of potential threats. No need to invest in TIPs and SOARs. And the platform can even take over the correlation functions of your SIEM. Or, if you prefer, you can keep all your incumbent technologies and just add Augur to your defense in depth.

Five Pillars of XDR +1

There are as many different definitions of XDR as there are companies offering XDR solutions. But according to Enterprise Strategy Group, XDR can be understood as “an integrated suite of security products spanning hybrid IT architectures, designed to interoperate and coordinate on threat prevention, detection and response.” Sounds good, but what does that really mean? Well, there are five key capabilities an XDR should have, and Augur adds a sixth.

1. Centralizes/aggregates and normalizes data from multiple security products across the threat surface (e.g., cloud, endpoints, logs, networks). Augur does that!
2. Correlates, prioritizes and provides context and enrichment for security data and alerts. Augur does that!
3. Adds a layer of intelligent analysis to the data to allow enforcement automation rather than just pushing massive volumes of raw threat alerts to analysts. Augur does that!
4. Provides a centralized response capability that can implement actions and change security policies. Augur definitely does that!
5. Connects, streamlines, and simplifies security technologies to make the whole greater than the sum of its parts. Augur does that too!

‍+1: Augur checks all the XDR boxes above and provides a game-changing extra layer of protection to your security ecosystem: helping protect against novel threats and keeping your network safe before attacks are first reported.