10 things you should know about XDR

An initiative more than a technology, XDR seeks to simplify and unify security technologies to make the whole greater than the sum of its parts.


There was early chatter about XDR at the RSA Conference last February.  Since then, XDR has gained momentum and will likely become the hot term at next year’s event. 

Despite the energy, XDR is still in an early stage and fraught with hyperbole, leading to confusion. My wicked smart colleague Dave Gruber and I have spent hours on Zoom analyzing our data and debating the value and future of XDR. Allow me to answer some of your burning XDR questions (in no particular order).

What the heck is XDR anyway?

ESG defines XDR as an integrated suite of security products spanning hybrid IT architectures, designed to interoperate and coordinate on threat prevention, detection and response.  In other words, XDR unifies control points, security telemetry, analytics, and operations into one enterprise system. 

Which security technologies are included in XDR?

Here’s where it gets confusing as each vendor is going to skew XDR to the products they offer.  If you sell email security products/services, it’s likely going to be part of XDR.  If not, it won’t be part of XDR.  While vendors will offer different XDR bundles, ESG research indicates that large organizations really want XDR to include endpoint/server/cloud workload security, network security, coverage of the most common threat vectors (i.e., email/web), file detonation (i.e., sandboxing), threat intelligence, and analytics.  XDR vendors have also added basic security orchestration, automation and response (SOAR) capabilities. 
