Cybersecurity solutions have an intermittent success rate, albeit one less predictable than how well-received Windows editions are. The failure rate is higher.
Certain solutions evolve. Anti-virus grew into endpoint protection and layered in better detection and action for endpoint detection & response (EDR). Managed security service providers spawned, or perhaps caused, the emergence of managed detection and response (MDR), as true security expertise was crystallized into a single service delivering a higher quality of service in a much-needed area.
So what of eXtended Detection and Response, XDR? The popular view we read about is that it has evolved from EDR - that EDR vendors are adding more sources to their platform to improve detection & response.
This is a misleading representation of the market. The truth is that the need for broader coverage, earlier detection and faster, targeted response is driving customer need - but unlike the relatively linear evolution of endpoint-centric protection - nearly all vendors can jump on this bandwagon and create a proposition that seems to tick all the boxes.
Dan Pitman, Director of Product and Technical Marketing
There are a number of different ways XDR is being taken to market, including:
Unfortunately, all of these approaches risk damaging the reputation and restricting the amazing potential of XDR. There are some clear facets of XDR which must be present:
Depending on your needs you might also have other requirements, different integrations or other technology facets of the solution - but the list above contains the solution components which can mean a real difference to the security of your organization and the effectiveness of your security team.
So where do prefixes come into it? If we look to industry definitions, we see that XDR is gaining a variety of prefixes applied to it - native, comprehensive, open, hybrid - all of these can be found on product pages, websites and blogs.
A prefix is dangerous: it causes confusion for customers and is a clear indicator of a fragmented market. Cybersecurity is already significantly fragmented and complex to navigate when searching for a solution.
XDR should have been the chosen one to bring balance between the promise of SIEM and the value of EDR. The fear is that the security industry fragmentation will cause XDR to derail itself by not delivering on its promise, damaging the reputation of EDR and MDR in the process.
The end result is that when buying XDR, check under the hood: it might be an SIEM trap after all!
Learn more about GravityZone XDR to reduce risk and improve efficiency for security teams.
Bitdefender is a global security technology company that delivers solutions in more than 100 countries through a network of value-added alliances, distributors and reseller partners. Since 2001, Bitdefender has consistently produced award-winning business and consumer security technology, and is a leading security provider in virtualization and cloud technologies. Through R&D, alliances and partnership teams, Bitdefender has elevated the highest standards of security excellence in both its number-one-ranked technology and its strategic alliances with the world’s leading virtualization and cloud technology providers.