G DATA XDR
In the following text, we will use the term "user". This may refer to authorized employees of the end customer, the {partner}, or service providers commissioned by the end customer who have access rights to the G DATA Web Portal.
User’s obligation of cooperation G DATA XDR
G DATA XDR serves as a security tool to monitor endpoints and detect potentially suspicious activity.
G DATA XDR responds to known security threats by stopping processes and copying malicious code files to quarantine to prevent damage. It attempts to detect unknown threats by monitoring the entire system for signs of an attack and takes the actions described above to prevent damage.
In addition, G DATA XDR helps highlight security-related events and provides guidance on taking further measures to mitigate potential attacks.
It should be noted that G DATA XDR is used as a tool that always requires active user participation. To efficiently detect cyber threats and prevent financial or data protection-related damage, it is absolutely essential that, after installing the G DATA Agents, the user regularly verifies that all components of the system are functioning properly. This includes, in particular, verifying that endpoints are correctly connected, data is being transmitted, and notifications are being reliably received. Only when functionality is consistently ensured can G DATA XDR provide its full protective effect.
Responsibilities of users
The user is responsible for the proper operation of the XDR solution in use. This includes, in particular, ensuring that all connected endpoints can communicate regularly with the G DATA Cloud Backend systems. This requires a stable and continuous Internet connection. In addition, it must be ensured that the installed agent is permanently active on the end devices.
In addition, it is the user’s responsibility to ensure that the software being used and its version number are always up to date. To do this, ensure…
- that an Internet connection is always available for necessary updates.
- that the version number reported by the endpoint is up to date.
A key component of operations is the continuous monitoring of the notifications displayed on the web portal. These must be reviewed regularly, assessed, and addressed in a timely manner. The user decides independently whether further action or intervention is necessary.
Maintenance of Exceptions is entirely the responsibility of the user or the designated {partner}. In particular, it must be ensured that false positives are detected and handled appropriately. Without proper maintenance of the exception lists, legitimate applications or processes may be incorrectly blocked, thereby disrupting regular operations.
Handling isolated artifacts that have been moved to quarantine also requires the user to perform an independent review to determine whether further action is necessary or whether the artifact can be restored.
Risks associated with insufficient compliance
Insufficient cooperation may result in security incidents not being detected or addressed in a timely manner. There is also a risk that endpoints will not provide up-to-date data or that protective mechanisms will not function as intended. In such cases, the effectiveness of the security solution may be significantly compromised, and attacks may, under certain circumstances, spread. The user is solely liable for any resulting financial or data protection-related damages.
Distinction between G DATA XDR and G DATA 365 | MXDR
Unlike with a Managed XDR Service, G DATA does not provide operational support or take over any tasks when G DATA XDR is used.
In particular, the monitoring and evaluation of security alerts, as well as the implementation of measures, are entirely the responsibility of the user or the user’s service provider.