3 XDR market challenges

XDR is a promising concept, but XDR vendors face deployment challenges and competition on several fronts.

[Image: three global network puzzle pieces. Credit: Metamorworks / Getty Images]

My colleague Dave Gruber and I are all over this new concept called XDR.  Just what is this new acronym all about?  In a recent post, I defined XDR as:

An integrated suite of security products spanning hybrid IT architectures, designed to interoperate and coordinate on threat prevention, detection and response. XDR unifies control points, security telemetry, analytics, and operations into one enterprise system.

Sounds interesting, right? But is there a market for yet another type of security product?  ESG research certainly indicates that there is:

  • 76% of security professionals say that threat detection and response is more difficult today than it was 2 years ago. Why?  Organizations must deal with the volume and sophistication of cyber-threats, an increasing cybersecurity workload, and a growing attack surface.  Infosec pros also bemoan the fact that they still rely on manual processes and an army of point tools for threat detection and response. 
  • To address these issues, 82% of organizations are building a security technology architecture that integrates multiple products together. Furthermore, 77% of firms are actively consolidating the number of security technology vendors they do business with.
  • And 80% of organizations say they would be willing to spend the majority of their security technology budget with a single enterprise-class cybersecurity technology vendor — assuming it had a technology portfolio that met their requirements.

Now, in theory, XDR fits these issues and meets threat detection and response needs like a custom-made suit. Think of XDR as a modern SOC-in-a-box, designed to integrate controls, normalize telemetry, provide advanced analytics, and automate responses. In ESG terms, XDR qualifies as a security operations and analytics platform architecture (SOAPA).

Heavyweights like Broadcom (Symantec), Check Point, Cisco, FireEye, McAfee, Microsoft, Palo Alto Networks, Trend Micro, and VMware are gluing security controls together as quickly as they can to offer some form of XDR today. The same goes for EDR players like CrowdStrike, Cybereason, and SentinelOne, which start at the endpoint and partner for additional security technology coverage.

XDR seems like the real deal — in theory — and may succeed over time.  That said, ol’ Dave and I see three BIG challenges ahead for this burgeoning market segment:

