XDR – Extended Detection and Response

XDR represents an emerging class of tools that aggregate and analyze data from multiple point products to help security operations teams improve the efficacy of threat detection and accelerate incident response.

 

XDR tools have pre-built integrations to harness telemetry from, and interoperate with, endpoint, network, email, cloud, SIEM/SOAR and other solutions.

 

In pursuit of expanded visibility, XDR is the logical evolution beyond single-product platforms like EDR (endpoint detection and response) or NDR (network detection and response).

 

XDR uses artificial intelligence (AI)/machine learning (ML) techniques to correlate activity across these multiple solutions to help isolate true threats from all of the noise.

 

XDR tools overlap in some capabilities with SIEM and SOAR solutions, and it will be interesting to watch how vendors in these segments compete going forward.

 
