SOPHOS – XDR
Extended Detection and Response
Security teams are increasingly interested in adding Extended Detection and Response (XDR) tools to their defensive arsenals. Sophos, one company providing XDR solutions, has just released a beginner’s guide to help security practitioners better understand the technology and how to make use of it.
What is XDR?
Let’s start with the definition of XDR, since the exact wording varies depending on who you ask:
- Extended Detection and Response is the most commonly used definition, adopted by many analyst firms and cybersecurity vendors. “Extended” refers to going beyond the endpoint and server, bringing in additional data sources such as firewall, email, cloud, mobile, and others.
- Cross-product Detection and Response is another wording, referring to data being combined from multiple products and security layers.
- The third interpretation uses the ‘X’ in XDR as a mathematical variable that stands in for whichever data sources are being leveraged as part of the solution.

Whichever definition you use for XDR, they all reference and make use of the same core components: the ability to access and query a range of data sources to give your organization greater visibility and context.