www.AmericanSecurityToday.com April 2021 - Edition 54

Cloud-Native Architecture
Because XDR lives in the cloud, it can collect data from cloud-native constructs like cloud compute instances, containers or serverless functions.
XDR can store security playbooks for known threat scenarios, and execute these playbooks when an attack is discovered, dramatically shortening time to mitigation.
It can scale up to meet demand, uses modern data lake infrastructure to store and query vast amounts of security data, and uses APIs to easily integrate with existing security and IT systems.
AI-Driven Automation
XDR can automate incident identification and investigation, but doesn’t stop there.
It can also autonomously respond to security threats, even before security analysts have seen the alert.
Conclusion
XDR actively changes the nature and lifecycle of incident response.
Alarms are no longer passive signals waiting to be investigated by security teams using a complex stack of tools.
Instead, it provides actionable information that security analysts can immediately use to investigate threats and react to them.