Extended detection and response – aka XDR – is one of those "buzzy" solution terms that seems to be everywhere in security lately. But despite the hype, there is still a lot of misunderstanding around the technology.
XDR promises to go beyond endpoint monitoring and detection to extend visibility into networks, servers, cloud, and applications. XDR analyzes data from all of these locations, takes action on threats, and sends information back to analysts.
The interest is understandable: threat detection and response (TDR) is still a major pain point for security. According to research firm ESG, 83% of organizations will increase spending on threat detection and response this year.
"Organizations have been spending regularly on threat detection and response but still can't detect sophisticated threats. And it takes too long to detect and respond to even common threats," says Jon Oltsik, a senior principal analyst at ESG. "By aggregating threat detection and response across multiple controls, XDR promises to improve TDR efficacy and streamline operations. This value proposition is too good to ignore, so XDR is getting lots of attention."
Is XDR right for your organization? Here are some common questions to ask as you think it through.