As an MSSP (Managed Security Service Provider), there is no overstating the intense and well-founded focus on pervasive network security. Whether an organization is looking to secure the network, endpoint, email, cloud, applications, identity, or anything in between, security professionals are overwhelmed with the sheer volume of tools, technologies, and security methodologies that need to be considered. This is only exacerbated by the increasing number of complex threats and techniques being employed by bad actors and nation states.

Current Security Challenges Facing Customers

Regardless of vertical or segment focus, all organizations have been struggling for years to design and deploy a comprehensive, scalable, and effective security architecture to mitigate these constant and increasing threats. Organizations are in desperate need of solutions and strategies to identify, assess and remediate threats by applying analytics to collected telemetry data.

One of the biggest challenges these organizations face is dealing with too many alerts and managing all the issues, which makes it difficult to decide where to focus their valuable time, effort, and resources.

Because of these challenges, more and more organizations are turning to MSSPs. These providers help them discern, implement, and manage the most effective solutions and methodologies to achieve, maintain and continuously assess their security posture.

Enter | Extended Detection and Response (XDR)

One solution that many MSSPs and their customers are evaluating and adopting is Extended Detection and Response (XDR) platforms.

By definition, a single extended detection and response solution allows providers to achieve three primary outcomes:

  1. The collection of telemetry from multiple security tools.
  2. The ability to apply analytics to that collected data to detect threatening behavior.
  3. The ability to respond to and remediate those threats.

An effective XDR platform takes data from several elements (such as endpoint, network, email, cloud, identity, firewall), moves that data into a data lake, applies threat intelligence, asset context, user context and compares it against the MITRE framework. This process allows for the prioritization of impact and remediation.

The reduction in investigation time and the ability to accelerate response time leads to increased operational efficiency within an organization.

At the end of the day, the solution should be outcome focused. It should aim to achieve the following:

  1. Reduce the average time to resolution.
  2. Cut the costs associated with breaches.
  3. Decrease the percentage of missed threats.
  4. Increase the percentage of threats blocked.
  5. Improve detection, reporting, and response to threats through automation.

By focusing on these outcomes, the solutions can effectively enhance overall security.

Enter | Cisco XDR (Extended Detection and Response)

Although these can be extremely complex technologies in their respective parts, Cisco XDR is simplifying extended detection and response for end customers and for MSSPs.

Cisco XDR is a powerful SaaS-based platform which natively correlates telemetry data allowing users and MSSPs to identify and focus on the most critical security events which demand attention.

One key feature is the ability for Cisco’s XDR to natively integrate with several 3rd party solutions across endpoint, network, cloud and application improving security efficacy. This is a critical capability due to the expansive landscape of security vendors being used by most customers and MSSPs.

In addition to the power and versatility of Cisco’s XDR offering, customers and MSSPs will be able to consume Cisco XDR through various flexible consumption models. Increasingly, within the multi-vendor security landscape, customers and MSSPs are choosing to consume many SaaS based offers, like Cisco XDR, via utility, post-paid model licensing agreements. This will allow organizations to post-pay only for what licenses are used, as opposed to paying up front and running the risk of needlessly paying for unused licenses.

In short, as an MSSP supporting multiple customers with both common and customized needs, Cisco XDR is a powerful solution which should be considered as one which addresses concerns over increasingly complex and multiplying threats, budget constraints, evolving compliance requirements and alert fatigue fueled by an ever-growing and segregated set of security tools.

As a leader within the MSSP market, please reference the resources below to familiarize yourself with the power of Cisco XDR and how it will help you further differentiate your organization within the Managed Security market.



Learn more about how you can #GoManaged:

Visit Cisco XDR

Subscribe to the Cisco Partner Managed Services Voice of the Engineer (VoE)

Access the XDR dCloud Demo Portal

Subscribe to XDR on Youtube



We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with #CiscoPartners on social!

Cisco Partners Facebook  |  @CiscoPartners X/Twitter  |  Cisco Partners LinkedIn



Floyd Dacosta

Solutions Architect

Americas Partner Organization