Breaking down the XDR hype. And why it could (will) pay to talk to us first.

In our latest blog, ‘Breaking down the XDR hype, why it could (will) pay to talk to us first,’ we discussed what XDR is and why – even though it’s still an evolving concept - it’s important to you and your customers.
What does XDR mean, and do?
In effect, XDR is the all-grown-up version of EDR (Endpoint Detection and Response).

The primary difference is that while EDR collects and correlates activities across multiple endpoints, XDR goes all out to provide proactive detection, analytics, and response across endpoints, networks, servers, cloud workloads, SIEM, and much more.

Forrester Research defines XDR as: “The evolution of EDR, which optimises threat detection, investigation, response, and hunting in real-time. XDR unifies security-relevant endpoint detections with telemetry from security and business tools such as network analysis and visibility (NAV), email security, identity and access management, cloud security, and more. It is a cloud-native platform built on big data infrastructure to provide security teams with flexibility, scalability, and opportunities for automation.”

Or, to paraphrase Gartner’s more digestible definition: XDR is a SaaS security threat detection and incident response tool. It’s vendor-specific and natively integrates multiple security products (see Forrester’s list above) into a single ‘cohesive security operations system that unifies all licensed components.’

In a nutshell, XDR delivers:

1.       Holistic protection against cyberattacks, unauthorised misuse and access

2.       Visibility across all data (from network to endpoint and cloud data)

3.       Analytics and automation 
Why is XDR so hot right now?
According to the Gartner Hype Cycle™ for Security Operations, 2022, XDR is at peak market interest. At the 2022 RSA Conference in San Francisco, the hottest topic was XDR. And according to a research paper by Enterprise Strategy Group (ESG), 38% of cybersecurity professionals believe that XDR can provide a centralised management hub for security operations.

If XDR lives up to expectations (which will vary from product to product, depending on maturity), it should deliver reduced complexity and lower costs, improved security visibility, incident response and remediation, increased productivity, and fewer infrastructure blind spots.

And because XDR simplifies and strengthens security processes faster, cybersecurity teams can be more proactive and wrap up their investigations more efficiently. All of which is music to the ears of CISOS and CFOs worldwide. 
Are all XDR products and partners the same?
We say no, but you’d probably expect us to say that anyway. However, we’ll let the facts speak for themselves when it comes to XDR from SentinelOne.

Over the past few months, Singularity XDR from SentinelOne has outperformed every other vendor in the MITRE ATT&CK evaluations (in more ways than one). In the MITRE Engenuity ATT&CK® 4th Evaluation, SentinelOne delivered: 

  • 100% Protection: (9 of 9 MITRE ATT&CK tests)

  • 100% Detection: (19 of 19 attack steps)

  • 100% Real-time (0 Delays)

  • 99% Visibility: (108 of 109 attack sub-steps)

  • 99% – Highest Analytic Coverage: (108 of 109 detections)

SentinelOne has had unrivalled success in the Gartner Critical Capabilities report and positioned itself firmly in the leaders quadrant of the 2021 Gartner EPP Magic Quadrant.

If you need more proof, check out the infographic on this vendor’s web page based on MITRE ATT&CK’s results analysis, and you’ll see that SentinelOne is ranked as the clear leader in analytics detection.

We’re pretty impressed with SentinelOne, and we think channel partners will be too. Especially when they can think big on behalf of their customers but start small with single license purchases. 
Want to find out more? Download the XDR Webinar recording!