The Defense Information Systems Agency’s Cybersecurity Service Provider team is rolling out Endguard, a powerful new service to enhance cyber defense for strategic partners.
Source: Defense Information Systems Agency
What is Endguard?
Endguard is a 24/7 endpoint detection and monitoring service designed for Windows, macOS, Unix and Linux systems. This new solution leverages Microsoft Defender for Endpoint and Microsoft Defender for Servers, providing automated capabilities to:
- Utilize every server and endpoint to detect sophisticated cyber threats.
- Empower analysts to quickly disrupt adversarial behavior.
- Simplify implementation with cloud-based technologies.
Improved threat detection and response
Endguard integrates with Microsoft Sentinel, a cloud-native security information and event management capability, to offer real-time detection, correlation, mitigation and response. This combination creates unparalleled visibility of hosts, going beyond traditional intrusion detection and prevention to monitor suspicious or anomalous behavior in both:
- North-south traffic: Across enclave boundaries.
- East-west traffic: Lateral movement between defended hosts.
A tried-and-true endpoint solution
The Endguard architecture has been rigorously tested and validated through pilots and exercises. During a simulated U.S. European Command exercise, Defender for Endpoint detected 100% of the Red Team’s endpoint attacks and 94% of their individual activities.
The USEUCOM pilot showed that configuration management and maintenance of the Defender for Endpoint infrastructure reduced workloads, allowing analysts to focus on threat hunting and high-level cyber events.
The service enables analysts to triage and contain cyber incidents more quickly. Its live response capability is tailored for each organization and reduces analyst response times from hours to seconds.
Cost-effective cyber defense
Endguard is scalable to meet the needs of strategic partners. An in-depth cost analysis revealed that 92% of eligible partners will either see reduced bills or only minor cost increases. By automating lower-level cyber defense tasks, Endguard creates a more efficient and robust security framework.
Endguard: The way forward
“Endguard drives us into a new standard of service delivery and effectiveness,” said Jason Mowery, DISA IT specialist. “Endguard will be the main service delivery enabler for the majority of our strategic partners in the near future, allowing DISA to continue to deliver world-class cybersecurity services to the United States Department of Defense.”
For more information, contact the DISA Cybersecurity Service Provider Program Office: disa.letterkenny.j3-5-7.list.cssp@mail.mil.