Cybersecurity solutions have an intermittent success rate, albeit one that is not as predictable as how well each Windows edition is received. The failure rate is higher.
Certain solutions evolve. Anti-virus grew into endpoint protection and layered in better detection and action for endpoint detection & response (EDR). Managed security service providers spawned, or perhaps caused, the emergence of managed detection and response, as true security expertise was crystallized into a single service delivering a higher quality of service in a much-needed area.
So what of eXtended Detection and Response, XDR? The popular view we read about is that it has evolved from EDR - that EDR vendors are adding more sources to their platform to improve detection & response.
This is a misleading representation of the market. The truth is that the need for broader coverage, earlier detection and faster, targeted response is driving customer need - but unlike the relatively linear evolution of endpoint-centric protection - nearly all vendors can jump on this bandwagon and create a proposition that seems to tick all the boxes.
Dan Pitman, Director of Product and Technical Marketing
There are a number of different ways XDR is being taken to market, including:
Unfortunately, all of these approaches risk damaging the reputation and restricting the amazing potential of XDR. There are some clear facets of XDR which must be present:
Depending on your needs you might also have other requirements, different integrations or other technology facets of the solution - but the list above contains the solution components which can mean a real difference to the security of your organization and the effectiveness of your security team.
So where do prefixes come into it? If we look to industry definitions, we see that XDR is gaining a variety of prefixes applied to it - native, comprehensive, open, hybrid - all of these can be found on product pages, websites and blogs.
A prefix is dangerous: it causes confusion for customers and is a clear indicator of a fragmented market. Cybersecurity is already significantly fragmented and complex to navigate when searching for a solution.
XDR should have been the chosen one to bring balance between the promise of SIEM and the value of EDR. The fear is that security industry fragmentation will cause XDR to derail itself by not delivering on its promise, damaging the reputation of EDR and MDR in the process.
The end result is that when buying XDR, check under the hood: it might be a SIEM trap after all!