"Extended detection and response (XDR) describes a unified security incident detection and response platform that automatically collects and correlates data from multiple proprietary security components."
According to Gartner, “Through 2025, policy misconfigurations, not firewall flaws, will remain the cause of 99% of firewall breaches and bypasses.”1 With the majority of the world working from home, it is imperative now more than ever that “security and risk management leaders should limit firewall platform diversity to minimize self-inflicted configuration errors, and save money/resources in other security technologies to secure the network from modern attacks.”1
Key Findings from Gartner:
- "Security and risk management leaders are struggling with too many security tools from different vendors with little integration of data or incident response."
- "Extended detection and response (XDR) products are beginning to have real value in improving security operations productivity with alert and incident correlation, as well as built-in automation."
- "XDR products may be able to reduce the complexity of security configuration and incident response to provide a better security outcome than isolated best-of-breed components."
- "XDR products have significant promise, but also carry risks such as vendor lock-in. The XDR market is immature and capabilities vary widely across products from different vendors."
To read more Gartner recommendations, access this report.
1 Source: Gartner, Innovation Insight for Extended Detection and Response, Peter Firstbrook, Craig Lawson, Refreshed 8 April 2021, Published 19 March 2020
Understanding what’s going on inside our environment, from the perspective of data movement and data loss, gives us a holistic view that makes it easier to identify abnormal events.