Extended detection and response explained

Extended detection and response (XDR[1] [2] [3]) is a cybersecurity technology that monitors and mitigates cyber security threats.[4] [5]

Concept

The term was coined by Nir Zuk of Palo Alto Networks in 2018.[6]

According to Chapple, Stewart and Gibson, XDR is not so much another tool as the collection and integration of several concepts into a single solution, the components varying from vendor to vendor and often including NTA (network traffic analysis), NIDS and NIPS.[7]

According to Gartner:[8]

The system works by collecting and correlating data across various network points such as servers, email, cloud workloads, and endpoints.[9] The data is then analyzed and correlated, lending it visibility and context, and revealing advanced threats. Thereafter, the threats are prioritized, analyzed, and sorted to prevent security collapses and data loss. The XDR system helps organizations to have a higher level of cyber awareness, enabling cyber security teams to identify and eliminate security vulnerabilities.[10]

The XDR solution monitors the malware detection and antivirus capabilities of the endpoint detection and response (EDR) system and many extra cyber log sources to create greater context for Security Operations Center (SOC) teams to perform faster threat detection, investigation and response. XDR improves on the EDR capabilities to deploy high-grade security solutions by utilizing current technologies which proactively identifies and collects security threats, and employs strategies to detect future cyber security threats. It is an alternative to reactive endpoint protection solutions, such as EDR and network traffic analysis (NTA).

See also

Notes and References

  1. https://www.paloaltonetworks.com/cyberpedia/what-is-xdr What is XDR? - Palo Alto Networks
  2. https://www.cisco.com/c/en/us/products/security/what-is-xdr.html What is XDR? - Extended Detection and Response - Cisco
  3. Web site: What Is Extended Detection and Response (XDR)? . Trellix.
  4. Web site: Gartner Top 9 Security and Risk Trends for 2020. 2020-10-26. www.gartner.com. en-US.
  5. Web site: Understanding XDR Security: Complete Guide. 2020-10-26. Cynet. en-US.
  6. Web site: Rubin . Kevin . 2021-07-12 . What is extended detection and response? . 2022-07-29 . Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support . en-US.
  7. Book: Mike Chapple, James Michael Stewart, Darril Gibson . (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide . Wiley . June 2021 . 978-1-119-78623-8 . 9th . 49 . En.
  8. Web site: Untangling XDR: Our Take on the 2023 GartnerĀ® Market Guide . 2023-10-26 . www.trellix.com . en.
  9. Web site: What is Extended Detection and Response (XDR) .
  10. Web site: Oltsik. Jon. 2020-06-08. What is XDR? 10 things you should know about this security buzz term. 2020-10-26. CSO Online. en.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Extended detection and response".

Except where otherwise indicated, Everything.Explained.Today is © Copyright 2009-2025, A B Cryer, All Rights Reserved. Cookie policy.