Alex - stock.adobe.com

Acronis XDR expands endpoint security capabilities for MSPs

Extended detection and response capabilities for the Acronis platform can automatically lock accounts and generate incident summaries for MSPs looking for additional security.

Acronis' endpoint security technology for MSPs is gaining more automated capabilities with a new, premium offering.

The Acronis Extended Detection and Response (XDR) security tool launches today for the Acronis Cyber Protect Cloud platform, the vendor's cloud console and platform for managing data backup and security.

XDR adds capabilities to the vendor's existing EDR platform to enable a single console for monitoring data sources, threat detection alerts and automated triage capabilities, such as account locking.

The security additions by Acronis echo the approach other backup vendors have taken, such as Rubrik and Commvault, to grow into a cybersecurity role rather than handle infrastructure alone, said Jerome Wendt, president and founder of Data Center Intelligence Group. These additions are useful but likely won't supplant other security platform offerings in capabilities and technical acumen.

"I don't see more traditional data protection companies leading in cybersecurity," Wendt said. "But they're going to take a lot of leading practices and follow closely behind."

Acronis' security additions might find a receptive audience among MSPs that need to cut employee or software costs, Wendt said, compared to vendors that offer dedicated security platforms such as CrowdStrike or SentinelOne.

XDR is available now, according to the company.    

Extended security visibility

The Acronis EDR platform was designed to detect anomalous actions and events on corporate endpoints, such as workstations, phones and servers, then flag them for remediation using security and recovery tools.

In the past, MSPs using the EDR platform would need to manually resolve issues, such as locking down a user account. Now, Acronis XDR capabilities expand the security response of MSPs through a single agent and console, according to Gaidar Magdanurov, president of Acronis.

The new XDR capability is designed to tackle threats such as ransomware as a service or attacks using generative AI, both of which can create new strands of ransomware before signatures or patches are available, he added.

I don't see more traditional data protection companies leading in cybersecurity.
Jermone WendtPresident and founder, Data Center Intelligence Group

"In the enterprise, you have internal IT and security teams. MSPs don't have that security [workforce] or have those credentials and capabilities," Magdanurov said. "We see that attacks are becoming more sophisticated, better deployed and have [greater] capabilities."

XDR collects low-level alerts for incident reports and status checks to eliminate alert fatigue. The service uses machine learning to provide real-time network, data and traffic monitoring to highlight threats as they occur. Attacks can be contained early through automatic device quarantining and eliminating account permissions.

Security vendors such as CrowdStrike and SentinelOne provide comprehensive security but could be too complex for MSP employees, Magdanurov said. XDR aims to automate those processes and provide MSPs with focused features such as multi-tenancy.

Many security providers

The rise of ransomware is causing some IT customers to demand security features be incorporated directly into the tech, said Matt Ball, an analyst at Canalys. Those customers, ranging from individual buyers to SMBs, might not have the technical savvy to combine security tools into a unified tech stack with other services.

"There's a demand for a more wholistic approach to cybersecurity [among customers]," Ball said.

Acronis' use of XDR could help alleviate many of those security concerns with improvements to come as the platform's understanding of threats increases through machine learning and attack exposure.

What will remain important for Acronis is providing that balance of features without demanding too high of an initial buy-in from MSPs and their customers.

"It's a very price-driven market," Ball said. "It's up to the customer where they see the value."

Tim McCarthy is a news writer for TechTarget Editorial covering cloud and data storage.

Dig Deeper on Threat detection and response