In order to offer a complete cybersecurity offer, several French players announced during the 2021 Security Conference the birth of the Open XDR platform. Each brings their expertise around threat intelligence, EDR, mail filtering, mobility and malware analysis.
The 5 participants (soon 6) to the XDR platform want to create an offer of confidence in the domain of extended detection and response. (Photo credit: DR)
In his introductory speech at the Assises de la securite in Monaco, Guillaume Poupard , recalled that “the cybersecurity ecosystem advances when it works together” and to add with a touch of irony “it allows the good guys to save time from time to time.” This notion of collective game is found in the announcement that has was made by several French players by proposing a common offer under the name of Open XDR (extended detection and response tool). This is a platform bringing together the expertise of each of the participants.
Among them, we find Harfanglab which provides an EDR solution (endpoint protection), certified by Anssi, the brick of Threat Intelligence is led by Sekoia and mobile security is the responsibility of Pradeo. These three players already know each other well, having forged a partnership during the FIC at the beginning of September. As part of Open XDR, they are joined by Vade Secure on the email filtering aspect and the start-up Glimps, which offers malware detection. This group should also soon welcome a specialist in network probes, whose name has not been disclosed.
A collective in best of breed mode
Frederic Grelot, co-founder of Glimps, explains “the objective of this platform is to ensure the interoperability of the different solutions and even go further by offering services that reinforce each other. ”He takes the example of a strain of ransomware seen in an emailphishing scanned by Vade Secure which is then integrated into Harfang Labs EDR, then back to SOC or SIEM enriched with Intel Threat from Sekioia and malware analysis via Glimps. Several scenarios are possible.
"If the offer is unified, the bricks are autonomous and customers can choose them according to their needs," says Gregoire Germain, founder of Harfanglab. The goal is clearly to respond to customers looking for a "trusted" offer from foreign competitors such as Palo Alto Networks or Crowdstrike. The manager told us that clients were already interested in this sovereign “best of breed” approach.