Understanding XDR – Learn from Industry Authorities
How XDR is Supercharging the MDR space to Reach Next-Level Detection and Response
XDR. The latest in a long list of buzzwords with little objectivity to their definition. Coined by Palo Alto Networks back in 2018, Extended Detection and Response (XDR) has become the next evolution of Endpoint Detection and Response (EDR) with promises of combining signals from multiple sources to increase detection capabilities and decrease response time.
What is XDR?
Forrester defines native XDR as “An XDR suite that integrates with other security tools from their portfolio for the collection of other forms of telemetry and execution of response actions related to that telemetry.” Analyst firm Gartner says XDR is “a SaaS-based, vendor-specific, security threat detection and incident response tool that natively integrates multiple security products into a cohesive security operations system that unifies all licensed components.”
While the definitions are clear, the execution of Extended Detection and Response can bring about ambiguity. What alert sources are required? What does the manufacturer provide in their XDR solution set vs. ingest from other products? How is that data ingested? Is it aggregated or correlated? These questions and more are answered by the manufacturers building the platforms, and the answers define the value organizations will receive from “XDR”.
How CRITICALSTART works with XDR
Where does CRITICALSTART fit into this equation? While our platform (ZTAP) has “XDR capabilities,” we do not—and will not—market it as an XDR Platform. ZTAP is the platform on which we deliver our award-winning Managed Detection and Response (MDR) service by integrating with industry leading technologies that do create XDR platforms for customers to deploy into their environment.
While CRITICALSTART is going to continue to focus on delivering the best service available, we do want to help provide some clarity around the XDR space. So, we’re going right to the manufacturers building the platforms for answers. During the 5-part podcast series, Rated XDR, we speak directly with some of the integration partners supported in CRITICALSTART’s Managed Detection and Response service who are pioneering XDR.
We’ll be interviewing the following leaders in XDR to gain their perspective on this technology, the role they feel it should play, and where it’s heading in the future:
CrowdStrike – Ajit Sancheti – VP, Identity Protection – July 7, 2021
Few players in the security space have seen more post-IPO success than CrowdStrike. They are truly a marketing machine that backs up their presence with solid technical capabilities and vision. Their recent acquisitions of Humio and Preempt have brought additional capabilities to an already well-appointed portfolio. To talk about their approach to security, we’ll speak with the former Founder and CEO of Preempt, and current VP of Identity Protection, Ajit Sancheti.
SentinelOne – Raj Rajamani – Chief Product Officer – July 21, 2021
Leveraging unique “rollback” capabilities, SentinelOne hit the endpoint scene as a remedy to ransomware in a market failing to keep up with a strict prevent-only stance. Through internal development and the acquisition of Scalyr, SentinelOne has broadened its scope of detection capability and is the only privately held endpoint product in the CRITICALSTART MDR portfolio—though not for long. Joining me to discuss SentinelOne’s strategy in growth and development is the Chief Product Officer of SentinelOne, Raj Rajamani.
Microsoft – Ann Johnson – Corporate Vice President of Security, Compliance, and Identity – August 11, 2021
Causing a mixed reaction upon entering the security space, Microsoft has risen quickly in both capabilities and rankings among 3rd parties like Gartner, Forrester, and MITRE. Included with E5 and other bundles, the often already-owned security suite releases regular updates enabling this industry-leading solution to detect threats earlier and respond more effectively. With the expanded functionality from Azure Sentinel tying the Microsoft portfolio together with additional data feeds, Microsoft is bucking the reputation of Windows Defender circa 2016. To discuss the vision of Microsoft Security, we’ll be joined by the change agent who ushered Microsoft to the top of the security industry, Microsoft CVP of Security, Compliance and Identity, Ann Johnson.
Palo Alto Networks – Tim Junio – SVP Product, Cortex – August 25, 2021
Quickly building on the success of their next-generation firewall business, Palo Alto Networks has been a disrupter in cybersecurity. Now a leader across multiple competencies, the ability to acquire and integrate new technology allows them to quickly compete in new verticals of security and create a compelling portfolio. Joining me in the series from one of their more recent acquisitions, Expanse, to talk about Palo Alto Networks’ strategy around XDR, is the former CEO of Expanse and current SVP of Product for Cortex, Tim Junio.
As the Chief Technology Officer and an emerging thought-leader in the security industry, Randy is responsible for designing and executing the company’s strategic technology initiatives, which includes defining the strategy and direction of CRITICALSTART’s Managed Detection and Response (MDR) services delivered by the Zero-Trust Analytics Platform (ZTAP). Previously, Randy served as the Director of Security Architecture, where he set the strategy for emerging vendor technologies, created the Defendable Network reference architecture, and set product direction for the company’s internally-developed Security Orchestration Automation and Response platform.