In a new 12-minute video Rakesh Shah AVP Product Management and Development of AT&T Cybersecurity, explains Extended Detection and Response (XDR). This video was part of the virtual Black Hat USA event in August. It’s not product-specific and explains what can be a very confusing concept in a delightfully simple way.
XDR and why we need it
XDR brings together multiple different data sources – the network, endpoints, cloud and third-party data. Driving the need for XDR above and beyond previous approaches is that companies are drowning in defense-in-depth. Companies have multiple disparate security point products creating an overwhelming number of alerts. This leads to difficulty in conducting investigations.
XDR business value
XDR protects your investments in best-of-breed security products while increasing efficiency and orchestration to make it all work together better. Efficiency in security operations lets you detect, respond, and recover faster.
So, what is XDR? It’s about detection, incident response, and automation. It’s a new approach that lets you bring together best-of-breed products and focus on the outcomes you want. Add in managed services, and you get to Managed Extended Detection and Response (MXDR) – the good life!
Open XDR
With an open approach, enabled by APIs, there’s no “rip and replace” of existing point products. Instead, best-of-breed products can be integrated, with deep API integration. This allows you to:
Normalize raw log data
Collect and enrich log data
Perform threat analysis
Coordinate response actions
Provide security orchestration and automation
Allows access to built-in dashboards for your security point products.
Check out Rakesh’s video:
More Stories
Friday Squid Blogging: Squid Game Season Two Teaser
The teaser for Squid Game Season Two dropped. Blog moderation policy. Read More
Clever Social Engineering Attack Using Captchas
This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually...
US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities
In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and...
Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable
A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack...
Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions
The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold Read...
This Windows PowerShell Phish Has Scary Potential
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who...