Does XDR Mark the Spot? 6 Questions to Ask

Extended detection and response technology goes well beyond endpoint management to provide visibility into networks, servers, cloud, and applications. Could it be the answer to your security challenges?

(Image: Gorodenkoff via Adobe Stock)

(Image: Gorodenkoff via Adobe Stock)

Extended detection and response – aka XDR – is one of those “buzzy” solution terms that seems to be everywhere in security lately. But despite the hype, there is still a lot of misunderstanding around the technology.

XDR promises to go beyond endpoint monitoring and detection to extend visibility into networks, servers, cloud, and applications. XDR analyzes data from all of these locations, takes action on threats, and sends information back to analysts.

Indeed, threat detection and response (TDR) is still a major pain point for security. According to research firm ESG, 83% of organizations will increase spending on threat detection and response this year. 

“Organizations have been spending regularly on threat detection and response but still can’t detect sophisticated threats. And it takes too long to detect and respond to even common threats,” says Jon Oltsik, a senior principal analyst at ESG. “By aggregating threat detection and response across multiple controls, XDR promises to improve TDR efficacy and streamline operations. This value proposition is too good to ignore, so XDR is getting lots of attention.”

Is XDR right for your organization? Here are some common questions to ask as you think it through.

Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online. View Full Bio


1 of 7


Recommended Reading:

More Insights


Next Post

Molson Coors Beer Operations Halted by Hack

Thu Mar 11 , 2021
Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2021-20674PUBLISHED: 2021-03-12 Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user […]