BlackBerry Guardis a subscription-based, 24x7-managed extended detection and response (XDR) service that provides actionable intelligence for customers to prevent threats quickly, while minimizing alert fatigue without requiring additional resources. This service is fully integrated with
BlackBerry Gateway, and third-party vendors to provide holistic and unified telemetry across all endpoints and enable highly skilled
BlackBerryanalysts to threat-hunt through customer environments to find and contain threats, prevent major breaches, and allow organizations to mature their security posture.
BlackBerryhas the strategy, expertise, and technology to protect an organization by analyzing, preventing, and containing threats as well as large-scale breaches.
BlackBerry Optics, which are a part of the
BlackBerry Spark Suiteand
Cyber Suite. The suites also include
BlackBerry Gateway, which are applicable to
BlackBerry GuardAdvanced subscriptions. For more information, see the Product requirements.
What's included in the subscription
The following table highlights the features that are included in
BlackBerry GuardAdvanced and
BlackBerry GuardEssentials subscriptions.
BlackBerry GuardAdvanced subscription includes closed-loop communications and access to a
Guardanalyst to help navigate incidents and provide regular updates and ongoing review of the overall threat prevention status. Optionally, Advanced customers are also eligible to secure services for third-party applications, such as for integrating and managing telemetry data from SIEM.
Customized product configuration, optimization, and assurance (including
Email, portal, and mobile alert escalation management
Automated and proactive threat hunting (Alert, intelligence, and methodology hunting)
Defined service levels
Outreach for critical alerts
BlackBerry Guardanalysts for incident response, guidance, and strategy
Monthly reports on activity and threat landscape
Quarterly reports and ongoing prevention review with
Support for third-party solution integration
1You must obtain a third-party solution (for example, for SIEM integration). For more information, see Supported third-party integrations.
- Customized product configuration, optimization, and assurance: Leverage the expertise ofBlackBerry UESThreatZero experts for a personalized, white-glove service to optimize theBlackBerry Guardsolution.
- Email alerts and escalation management: Receive email notifications.
- 24x7x365 monitoring:BlackBerry Guardanalysts are monitoring all day and night on all 365 days of the year to follow up on triggering events.
- Automated and proactive threat hunting (Alert, intelligence, and methodology hunting): This includes ongoing collection of artifacts and information to facilitate hunting of potential security threats. Threat hunting occurs using various different methods, including alert-based, intelligence, and methodology hunting, leveraging proven methods that identify potential attacks, data exfiltration, unauthorized access, or other potential vectors of compromise in the environment.
- Defined service levels: Service levels for security event investigation, median incident resolution time, andBlackBerry Guardmonthly reports are defined.
- Outreach for critical alerts: When there is a critical alert,BlackBerry Guardanalysts reach out to make sure the customer is aware of the situation.
- Access to: When a threat has been identified, consultBlackBerry Guardanalysts for incident response guidance and strategyBlackBerry Guardanalysts to guide you through your incident response plan. For example, you can engage theBlackBerrySecurity Services Incident Response team, who will work together with an analyst to guide you to a resolution as quickly as possible.
- Monthly reports on activity and threat landscape: Receive monthly reports on activity and the threat landscape.
- Quarterly reports and ongoing prevention reviews:BlackBerryexperts provide insight and knowledge to help obtain and maintain a state of prevention.
- Support for third-party solution integration: IntegrateBlackBerry Guardwith third-party solutions for managed XDR services in a single unified console to improve visibility and control of security incidents.