Latest news with #EDR

Microsoft is moving antivirus providers out of the Windows kernel

The Verge

2 days ago

  • The Verge

It's been nearly a year since a faulty CrowdStrike update took down 8.5 million Windows-based machines around the world, and Microsoft wants to ensure such a problem never happens again. After holding a summit with security vendors last year, Microsoft is poised to release a private preview of Windows changes that will move antivirus (AV) and endpoint detection and response (EDR) apps out of the Windows kernel.

The new Windows endpoint security platform is being built in cooperation with CrowdStrike, Bitdefender, ESET, Trend Micro, and many other security vendors. 'We've had dozens of partners supply papers to us, some of them hundreds of pages long, on how they'd like it to be designed and what the requirements are,' explains David Weston, vice president of enterprise and OS security at Microsoft, in an interview with The Verge. 'I've been really pleased with this. It's an industry of competitors but everyone has stepped up and said we've got to build a platform that all of us work on.'

Microsoft is keen to stress that it's not setting the rules and expecting everyone to immediately follow them, but instead building the rules together. 'We're not here to tell them how the API should work, we're here to listen and provide the security and reliability,' Weston says. 'I think if we'd gone out to some of our competitors and said, 'Here it is, take it or leave it,' that would really be a challenge.'

For decades, Microsoft has built Windows in a way that has allowed developers to deliver security software that's deeply rooted into Windows, running at the kernel level of Windows — the core part of an operating system that has unrestricted access to system memory and hardware. The faulty CrowdStrike update last year highlighted just how easy it is for a kernel-level driver to go wrong and take down a machine, resulting in a Blue Screen of Death (BSOD).

Microsoft now has some of its most knowledgeable Windows engineers working on these security changes. 'We've had key developers on this, some of the kernel architects of Windows and people that don't even traditionally work in security,' Weston says. 'It's really the biggest brains of core Windows being involved and collaborating with CrowdStrike, ESET, and all those folks.'

The private preview will give security vendors a chance to request changes. Weston says he expects a few iterations until it's ready for vendors to make the switch. It's also not going to solve every single kernel-level driver instance straight away. 'Our goal is to start with AV and EDR, but there will likely be kernel drivers for some period as we move on to the next set of use cases.'

Another big area of Windows that uses kernel-level drivers is anti-cheating engines for games. Microsoft has been speaking with game developers about how to reduce the amount of kernel usage, but it's a more complicated use case as cheaters often have to purposefully tamper with their machine to disable protections and get cheating engines running. 'A lot of [game developers] would love to not have to maintain kernel stuff, and they are very interested in how they do that,' Weston says. 'We've been talking about the requirements there, and I think we'll have more to say on that in the near future.' Riot Games told me last year that it's willing to follow potential Windows security changes and 'recede from the kernel space.'

While it's going to take Microsoft and security vendors some time to work through these Windows changes, Microsoft is confident that it will see good adoption rates because its customers are asking for changes in the wake of the CrowdStrike incident.

Microsoft is also getting ready to release a Windows update later this summer that will include a new Quick Machine Recovery feature, which is designed to quickly restore machines that can't boot. It prompts a device to enter the Windows Recovery Environment, where the machine can access the network and provide Microsoft with diagnostic information. 'We basically built the thing we'd love to have had for the incident last year,' Weston says.

The sight of a Blue Screen of Death will also be a thing of the past. Microsoft is now officially redesigning its BSOD so that it's black and not blue.

EDR looking to grow the economy by growing local businesses

Global News

2 days ago

  • Business
  • Global News

Six Regina-based businesses have been selected to receive funded support for their growth plans from Economic Development Regina's (EDR) new Upscale Program. The program will offer companies like Crazy Ape, Sticks and Doodles and Greenwave Innovations mentorship, growth plans and $10,000 in federal funding — all in an effort to help these companies expand. EDR told Global News this initiative will also help grow the economy since growing businesses mean more jobs and investment. This is the first year of the three-year program. A new set of companies will be selected to join the program each year. Katherine Ludwig has the full story in the video above.

Cork-based services company Org Group acquires Brussels-based firm

Irish Examiner

5 days ago

  • Business
  • Irish Examiner

Cork-based services firm Org Group has announced it has acquired Brussels-based European workforce solutions firm Enterprise Digital Resources (EDR). Org Group said the acquisition strengthened and expanded its access to a 'network of high-skilled consultants at a time when businesses are accelerating digital transformation and facing heightened talent demands'. Financial details of the acquisition have not been disclosed. EDR provides specialised tech staff to clients in countries across Europe including France, Belgium, UK, and Ireland. It focuses on areas such as enterprise resource planning, human capital management, enterprise performance management, as well as customer relationship management. Org Group chief executive Seb O'Connell said EDR's deep domain expertise was a 'natural fit for Org Group'. 'This complements our capacity to deliver impactful digital and organisational transformation through the right mix of strategy, systems, and people.' Org Group is the holding company for Irish-owned recruitment firm Morgan McKinley, business process services company Abtran, and advisory firm Org. The group employs 3,000 people in 10 countries. EDR director James Parker said Org Group 'shares our belief that skills and talent are the engine behind successful transformation'. 'Joining the group enables us to scale our impact and support more organisations in navigating the future of enterprise technology.' Last month, the company also acquired global technology recruiting business Venturi. Venturi is headquartered in Manchester, with offices in New York, USA and Düsseldorf, Germany. Its clients include Red Kite, Bet 365, and Money Supermarket. The company has annual revenues of about £40m (€47.5m).

BlackFog Awarded 2025 MSP Today Product of the Year

Business Wire

17-06-2025

  • Business
  • Business Wire

SAN FRANCISCO--(BUSINESS WIRE)-- BlackFog, the leader in ransomware prevention and anti data exfiltration (ADX), today announced that its solution, BlackFog ADX, has been named a 2025 MSP Today Product of the Year Award winner by TMC, a leading global media company recognized for building communities in technology and business through live events and digital marketing platforms.

The MSP Today Product of the Year Award honors standout products and services that are reshaping the managed services landscape—delivered through the Channel and purpose-built to meet the evolving needs of end users. BlackFog ADX was selected for its innovation, performance, and measurable impact on customers and partners alike.

BlackFog's ADX technology represents a significant advancement in the fight against ransomware, delivering a vital layer of security beyond traditional defenses such as firewalls and Endpoint Detection and Response (EDR) solutions. Offering comprehensive coverage across Windows, macOS, Chrome, Android, and iOS, BlackFog ensures 24/7 defense without requiring human intervention. By proactively blocking emerging AI-driven threats, BlackFog strengthens organizational security with an essential new layer designed to address the evolving threat landscape.

'We're delighted that BlackFog ADX has been awarded Product of the Year by MSP Today,' said Dr. Darren Williams, CEO and Founder of BlackFog. 'This award highlights the importance of preventing unauthorized data exfiltration and represents a new paradigm in the fight against ransomware, extortion, and data breaches. This approach has become critical in protecting the supply chain and the evolving needs of Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs).'

'It gives me great pleasure to recognize BlackFog as a 2025 recipient of TMC's MSP Today Product of the Year Award for their innovative solution, BlackFog ADX,' said Rich Tehrani, CEO of TMC. 'Our judges were thoroughly impressed not only by the strength and features of the product, but by BlackFog's commitment to the Channel—empowering partners to deliver exceptional service and drive meaningful results for their clients.'

Winners of the 2025 MSP Today Product of the Year Award will be featured on MSP Today, the definitive resource for Managed Service Providers, as well as across TMCnet's media platforms.

About BlackFog

Founded in 2015, BlackFog is a global AI based cybersecurity company that has pioneered on-device anti data exfiltration (ADX) technology to protect organizations from ransomware and data loss. With more than 94% of all attacks involving some form of data exfiltration, preventing this has become critical in the fight against extortion, the loss of customer data and trade secrets.

BlackFog recently won a Gold Globee award for AI-Driven Data Protection Solution and the coveted Cybersecurity Breakthrough Award for AI-based Cybersecurity Innovation of the Year. BlackFog also won Gold at the Globee awards in 2024 for best Data Loss Prevention and the State of Ransomware report which recognizes outstanding contributions in securing the digital landscape. Trusted by hundreds of organizations all over the world, BlackFog is redefining modern cybersecurity practices. For more information visit

About MSP Today

MSP Today is the premier online destination for MSPs (Managed Service Providers) and IT service providers worldwide. As the industry's leading web portal, we are committed to delivering timely and relevant news, cutting-edge product information, and invaluable insights to empower MSPs and IT professionals to thrive in today's rapidly evolving technology landscape.

At MSP Today, we understand the challenges faced by MSPs and IT service providers in navigating the complexities of the modern business environment. Our dedicated team of expert journalists and industry analysts bring you the latest trends, best practices, and industry thought leadership to help you stay ahead of the curve. Whether you're seeking in-depth articles on emerging technologies, comprehensive product reviews, or actionable tips to optimize your IT services, MSP Today is your go-to resource for all things MSP-related.

Join our vibrant community today and unlock the knowledge, resources, and networking opportunities to propel your MSP business to new heights. Follow MSP Today on X or join our LinkedIn group. Subscribe or visit

About TMC

For more than 20 years, TMC has been honoring technology companies with awards in various categories. These awards are regarded as some of the most prestigious and respected awards in the communications and technology sector worldwide. Winners represent prominent players in the market who consistently demonstrate the advancement of technologies. Each recipient is a verifiable leader in the marketplace.

TMC also provides global buyers with valuable insights to make informed tech decisions through our editorial platforms, live events, webinars, and online advertising. Leading vendors trust TMC, thought leadership, and our events for branding, thought leadership, and lead generation. Our live events, like the ITEXPO #TECHSUPERSHOW, deliver unmatched visibility, while our custom lead generation programs and webinars ensure a steady flow of sales opportunities. Display ads on trusted sites generate millions of impressions, boosting brand reputations. TMC offers a complete 360-degree marketing solution, from event management to content creation, driving SEO, branding, and marketing success. Learn more at and follow @tmcnet on Facebook, LinkedIn, and X.

AV-Comparatives Validates Real-World Threat Detection in 2025 EDR XDR MDR Certification Testing

Cision Canada

15-06-2025

  • Business
  • Cision Canada

INNSBRUCK, Austria, June 15, 2025 /CNW/ -- "As cyberattacks evolve, detection can't be a checkbox. Our 2025 EDR/XDR Certification helps CISOs assess how effectively their tools uncover stealthy, real-world threats." - Andreas Clementi, CEO and founder, AV-Comparatives

This independent evaluation tested enterprise cybersecurity solutions under advanced threat scenarios. The goal: to assess their ability to detect and report real-world attacks with precision and visibility.

Unlike, e.g., the EPR Test, which focuses on prevention, the EDR test simulates complex attack scenarios to assess how well a product detects and logs each stage of an intrusion, providing insights into its visibility, telemetry quality, and threat detection precision. Threat visibility based on threat hunting capabilities is also considered.

AV-Comparatives is pleased to announce that five out of seven solutions have achieved certification so far under our transparent and rigorous methodology.

Certified Products – EDR, XDR and MDR Solutions

The following products earned certification in the 2025 test round:

  • CrowdStrike Falcon Pro
  • ESET PROTECT Enterprise Cloud
  • G DATA 365 MXDR (MDR solution)
  • Kaspersky Next EDR Expert (in the pilot test)
  • Palo Alto Networks Cortex XDR Pro

One Methodology for EDR, XDR and MDR

While initially designed to evaluate EDR and XDR capabilities, the test can equally be applied to MDR (Managed Detection and Response) offerings. In this round, G DATA successfully participated with their MDR solution, demonstrating that even managed offerings can be assessed under realistic, controlled attack conditions.

A Focus on Real-World Visibility

This evaluation simulates Advanced Persistent Threat (APT) attacks, using known Tactics, Techniques, and Procedures (TTPs) from frameworks such as MITRE ATT&CK. All products were tested in monitoring mode only, meaning prevention features were disabled. The goal: to measure how well threats are detected and reported, not blocked.

Highlights of the methodology:

  • Execution of complex attack chains
  • Validation of detections via alerts in the management console or through manual threat hunting in telemetry
  • Transparent certification model: only products meeting the detection threshold are certified and publicly listed

Methodological Improvements and the Road Ahead

The 2025 test incorporated feedback from independent analysts, resulting in greater transparency, enhanced scoring, and deeper telemetry validation. Further enhancements are planned for the 2026 certification test.

The EDR Detection Validation Test is open to EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities. Certification offers vendors industry recognition and deep technical insight into their solution's real-world performance. Contact us to participate in the next test cycle.

Cybersecurity and Antivirus Test Results are available at or the following vendors: Avast, AVG, Avira, Bitdefender, Checkpoint, Cisco, CrowdStrike, Elastic, Fortinet, F-Secure, ESET, G DATA, Gen Digital, Google, Intego, K7 Computing, Kaspersky, Malwarebytes, ManageEngine, McAfee, Microsoft, NetSecurity, Nordsec, Norton, Palo Alto Networks, Rapid7, SenseOn, Sophos, Total Defense, TotalAV, Trellix, TrendMicro, VIPRE, WithSecure and many more
