5 things to look for in an XDR solution

The XDR market is hot, with vendors large and small jumping on the bandwagon. Here are 5 key capabilities to look for when evaluating XDR solutions.


About 18 months ago, I first wrote about XDR (eXtended Detection and Response) in this post on CSO. Since then, it seems every security vendor—major security vendors and small companies alike—has jumped on the XDR bandwagon and embraced the concept.

Some vendors have approached XDR from the endpoint in and others from the network out. Either approach is valid, as the premise of XDR is that security shifts from a series of point products to a single platform for threat visibility across the enterprise. Data is collected from the various enforcement points and then analyzed so threats can be detected faster and, more importantly, responded to quickly to contain the blast radius.

Traditional security tools, such as EDR (endpoint detection and response), often find threats but aren’t able to determine where the threats originated, so corrective action can’t be taken. This is why most detection and response tools are much better at the “D” than they are at the “R.” XDR corrects that.

5 key capabilities for XDR solutions

XDR cuts across all the security layers, which is why so many vendors have thrown their hats in the ring. The result is a dizzying number of vendors to choose from, some of which offer true XDR solutions and some of which are XDR in name only. To help with the decision process, below are five key criteria for XDR solutions:
