gate alerts.
• “Alert fatigue” is a well known problem in the industry. Although machine learning analysis and SIEM solutions have made the situation better, the volume of alerts and the time required for triage is still overwhelming.
www.AmericanSecurityToday.com April 2021 - Edition 54
What is XDR?
eXtended Detection and Response (XDR) is the evolution of Endpoint Detection and Response (EDR), a technology already deployed by most security teams.
XDR provides a model for detecting attacks on endpoints, networks, software applications, cloud infrastructure, and virtually any other addressable resource in the network.
What is new about XDR is that it provides visibility into all layers of the network and application stack, with advanced detection, autocorrelation, and machine learning capabilities.
XDR does not replace the existing stack — it integrates with existing tools and combines their data to deliver new insights.
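To make the autocorrelation idea concrete, here is an added illustration (not code from the article or from any XDR product): alerts from separate endpoint, network, identity and cloud tools are pivoted on a shared entity and a time window, so that several raw alerts collapse into one incident and the cross-layer cluster is what gets escalated. The alert records, the ten-minute window and the "three or more layers" escalation rule are assumptions chosen for the example.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Alert:
    ts: datetime
    source: str   # telemetry layer the alert came from: endpoint, network, identity, cloud
    entity: str   # shared pivot key across tools (hostname here; a user id would also work)
    detail: str


# Constructed sample alerts for the example, not real telemetry.
# Four different tools fire on ws-17 within minutes; two unrelated hosts fire once each.
SAMPLE_ALERTS = [
    Alert(datetime(2021, 4, 1, 9, 0, 5), "endpoint", "ws-17", "suspicious child process of office app"),
    Alert(datetime(2021, 4, 1, 9, 0, 40), "network", "ws-17", "DNS request to newly registered domain"),
    Alert(datetime(2021, 4, 1, 9, 1, 10), "identity", "ws-17", "new interactive logon by service account"),
    Alert(datetime(2021, 4, 1, 9, 3, 0), "cloud", "ws-17", "API token used from unusual ASN"),
    Alert(datetime(2021, 4, 1, 11, 30, 0), "endpoint", "ws-42", "unsigned driver load blocked"),
    Alert(datetime(2021, 4, 1, 9, 2, 0), "network", "ws-99", "port scan from internal host"),
]


def correlate(alerts, window=timedelta(minutes=10), escalate_layers=3):
    """Cluster alerts that share an entity and arrive within `window` of the
    previous alert in the cluster. Each cluster becomes one incident; clusters
    that span `escalate_layers` or more telemetry layers are marked for escalation."""
    by_entity = defaultdict(list)
    for a in sorted(alerts, key=lambda a: a.ts):
        by_entity[a.entity].append(a)
    clusters = []
    for group in by_entity.values():
        current = [group[0]]
        for a in group[1:]:
            if a.ts - current[-1].ts <= window:
                current.append(a)      # same entity, close in time: same incident
            else:
                clusters.append(current)
                current = [a]          # gap too large: start a new incident
        clusters.append(current)
    incidents = []
    for c in clusters:
        layers = sorted({a.source for a in c})
        incidents.append({
            "entity": c[0].entity,
            "layers": layers,
            "alerts": c,
            "severity": "escalate" if len(layers) >= escalate_layers else "triage",
        })
    return incidents


if __name__ == "__main__":
    for inc in correlate(SAMPLE_ALERTS):
        print(inc["entity"], inc["severity"], len(inc["alerts"]), "alerts across", inc["layers"])
```

Six raw alerts become three incidents, and only the ws-17 cluster, which spans all four layers, is escalated.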
Unlike SIEM, which also collects alerts from all over, XDR can dive deep into the data and perform intelligent analysis, combining pieces of data to create a coherent