Extended Detection and Response (XDR) is a natural extension of the Endpoint Detection and Response (EDR) concept: behaviors that occur after preventive controls are in place are inspected further for activity that is potentially malicious, suspicious or risky enough to justify mitigation. The difference is simply where those behaviors occur, on the endpoint alone (EDR) or beyond it (XDR).
XDR solutions are becoming more popular as organizations recognize the inefficiencies, and in many cases the ineffectiveness, of security infrastructures made up of many individual "best-in-class" security products from different vendors deployed across the environment. Common challenges arising from this patchwork product approach include:
Security Breaches - With each product operating in its own silo, gaps open up between them through which cyberattacks can slip
Too Much Security Information - With each product generating its own alerts and other information, security teams can easily miss the indicators of a cyberattack
Uncoordinated Response - With each product operating independently, it is left to the human operator to share information between them and to coordinate response actions
Based on these experiences, many organizations seek to consolidate security vendors and products in favor of integrated solution sets.
By moving to an integrated security infrastructure, organizations can often close security gaps, correlate security information across sources, and automate operations. Of course, to get the full benefit, it is important to evaluate the breadth, effectiveness, integration, and automation of the XDR solution suites under consideration.