XDR explained in 300 words

XDR is the rising star of new acronyms, but you might have to read a 1,000+ word article to understand its value. Let’s try to do it in about 300 words.

The X stands for extending Detection and Response systems to cover your entire attack surface, not just a portion of it. Current security operations are built on siloed, noisy tools that create blind spots and a high volume of alerts, which leads to alert fatigue. Attackers not only go after those blind spots, they also hit several parts of your environment at once to overwhelm your security team.


When your team routinely faces thousands of individual alerts, it is difficult for anyone to know where to start. XDR uses machine learning to automatically correlate the disparate alerts into incidents and close this gap. The incidents are scored and prioritized before they are presented in an easy-to-understand format that highlights the shortest path to remediation.
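As an added illustration of the correlation step described above (example code written for this page, not Stellar Cyber’s product or algorithm), here is a small Python model of turning siloed alerts into ranked incidents. Alerts from three hypothetical tools (email gateway, EDR, NDR) are linked when they touch a common entity within a time window, chained transitively into one incident, then scored and ranked. The alerts, entity names, one-hour window and scoring weights are all constructed for the example; an ML-based XDR would learn such weights rather than hand-code them.

```python
"""Toy alert-to-incident correlation and prioritization (illustrative, not a product)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alerts from three siloed tools. Entities are the pivots
# (user, host, IP) that let unrelated-looking alerts be tied together.
SAMPLE_ALERTS = [
    {"id": "a1", "source": "email", "ts": "2024-03-01T09:00:00", "severity": 3,
     "entities": {"user:alice"}, "title": "Phishing attachment delivered"},
    {"id": "a2", "source": "edr", "ts": "2024-03-01T09:04:00", "severity": 6,
     "entities": {"host:ws-17", "user:alice"}, "title": "Office spawned PowerShell"},
    {"id": "a3", "source": "ndr", "ts": "2024-03-01T09:06:00", "severity": 5,
     "entities": {"host:ws-17", "ip:203.0.113.9"}, "title": "Beaconing to rare external IP"},
    {"id": "a4", "source": "edr", "ts": "2024-03-01T14:30:00", "severity": 2,
     "entities": {"host:ws-42"}, "title": "Unsigned driver loaded"},
    # Shares an IP with a3 but a day later: outside the window, so NOT merged.
    {"id": "a5", "source": "ndr", "ts": "2024-03-02T09:05:00", "severity": 4,
     "entities": {"ip:203.0.113.9", "host:db-01"}, "title": "Port scan from internal host"},
]

WINDOW = timedelta(hours=1)  # assumed correlation window


def _parse(ts):
    return datetime.fromisoformat(ts)


def _linked(a, b, window):
    """Two alerts belong together if they share an entity close in time."""
    if not (a["entities"] & b["entities"]):
        return False
    return abs(_parse(a["ts"]) - _parse(b["ts"])) <= window


def correlate(alerts, window=WINDOW):
    """Group alerts into incidents: union-find over the pairwise 'linked' relation,
    so a1-a2 and a2-a3 links pull a1 and a3 into the same incident transitively."""
    parent = {a["id"]: a["id"] for a in alerts}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    def union(x, y):
        rx, ry = find(x), find(y)
        if rx != ry:
            parent[ry] = rx

    for i, a in enumerate(alerts):
        for b in alerts[i + 1:]:
            if _linked(a, b, window):
                union(a["id"], b["id"])

    groups = defaultdict(list)
    for a in alerts:
        groups[find(a["id"])].append(a)
    return list(groups.values())


def score(incident):
    """Hand-picked weights: severe, multi-tool, multi-step chains rank highest."""
    max_sev = max(a["severity"] for a in incident)
    sources = {a["source"] for a in incident}
    return 10 * max_sev + 15 * (len(sources) - 1) + 5 * (len(incident) - 1)


def prioritize(alerts, window=WINDOW):
    """Return incidents as summaries, highest score first, earliest first on ties."""
    ranked = []
    for inc in correlate(alerts, window):
        inc_sorted = sorted(inc, key=lambda a: a["ts"])
        ranked.append({
            "score": score(inc),
            "alert_ids": [a["id"] for a in inc_sorted],
            "sources": sorted({a["source"] for a in inc}),
            "entities": sorted(set().union(*(a["entities"] for a in inc))),
            "first_seen": inc_sorted[0]["ts"],
            "timeline": [a["title"] for a in inc_sorted],
        })
    ranked.sort(key=lambda r: (-r["score"], r["first_seen"]))
    return ranked


if __name__ == "__main__":
    for inc in prioritize(SAMPLE_ALERTS):
        print(f"[{inc['score']:3d}] {inc['alert_ids']} via {inc['sources']}")
        for step in inc["timeline"]:
            print("       -", step)
```

Run as a script, the five alerts collapse to three incidents. The phishing-to-PowerShell-to-beacon chain, which no single tool saw end to end, lands at the top; the port scan that merely shares an IP with the beacon falls outside the window and stays a separate, lower-scored incident. Shrinking the window to a minute leaves every alert on its own, which is the alert-fatigue picture the text describes.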

Currently there are five different approaches to XDR, which is why you’re seeing so much ‘marketing’ from these camps:

  • EDR vendors are moving to XDR, calling it eXtended Detection and Response. They are extending the EDR from its original endpoint focus to a broader piece of your attack surface, such as application logs.
  • Some NDR vendors are making the same move, extending detections from their original network focus to a broader piece of your attack surface, such as email.
  • SOAR vendors may add big data lakes for logs and their long-term storage, adding detections to what was a response-only platform.
  • SIEM vendors are adding better ways to mine their data lakes, looking for signal patterns to correlate, and adding response.
  • Emerging XDR pure-players are building companies from the ground up to fulfill the promise of both broad and accurate detections with fast response across the entire attack surface.

To summarize, XDR is about the big picture: finding the needles in the haystack quickly without creating more hay, and responding quickly and accurately.

At Stellar Cyber, we think X means everything: regardless of where you are coming from, which existing tools you use, and where you want to go in terms of security maturity. Open XDR is Everything Detection and Response.

Contact me for a lively discussion:

brian@stellarcyber.ai


Stellar Cyber’s Open XDR platform delivers Everything Detection and Response by unifying all currently disjointed security tools and data sources.
