In a new 12-minute video Rakesh Shah AVP Product Management and Development of AT&T Cybersecurity, explains Extended Detection and Response (XDR). This video was part of the virtual Black Hat USA event in August. It’s not product-specific and explains what can be a very confusing concept in a delightfully simple way.
XDR and why we need it
XDR brings together multiple different data sources – the network, endpoints, cloud and third-party data. Driving the need for XDR above and beyond previous approaches is that companies are drowning in defense-in-depth. Companies have multiple disparate security point products creating an overwhelming number of alerts. This leads to difficulty in conducting investigations.
XDR business value
XDR protects your investments in best-of-breed security products while increasing efficiency and orchestration to make it all work together better. Efficiency in security operations lets you detect, respond, and recover faster.
So, what is XDR? It’s about detection, incident response, and automation. It’s a new approach that lets you bring together best-of-breed products and focus on the outcomes you want. Add in managed services, and you get to Managed Extended Detection and Response (MXDR) – the good life!
Open XDR
With an open approach, enabled by APIs, there’s no “rip and replace” of existing point products. Instead, best-of-breed products can be integrated, with deep API integration. This allows you to:
Normalize raw log data
Collect and enrich log data
Perform threat analysis
Coordinate response actions
Provide security orchestration and automation
Allows access to built-in dashboards for your security point products.
Check out Rakesh’s video:
More Stories
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy. Read More
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging...
CISA Urges Encrypted Messaging After Salt Typhoon Hack
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging...