Today, Cisco XDR is generally available, making it a great day to discuss, “What’s in a name?”
By now we hope you have heard that Cisco XDR is a game changer, and that you’ve heard from us, from industry analysts, or from your cybersecurity practitioner peers how it simplifies SecOps and makes security better for users and safer for everyone. Delivered by the Cisco Security Cloud platform, it moves the focus from endless investigation to remediating the highest priority incidents with evidence-backed automation. This allows security operations teams to act with greater speed, efficiency, and confidence.
But why is this important?
In the tech world, we love our acronyms. And in cybersecurity we have amassed quite a few.
CASB, CIEM, CVE, DNS, EDR, ETD, MDR, NDR, NGFW, SASE, SOC, SIEM, VPN, ZTNA – the list could easily be longer than this blog.
Then along came Extended Detection and Response, giving us XDR. If you and I have similar tenure in cybersecurity, you may even know this concept by alternative names.
Far from being just another acronym, XDR introduced the concept of connecting security events from multiple disparate sources. This concept has evolved over many years into connecting those events and adding context to understand the occurrence.
That means widening the timeframe over which we search for connected events, associating vulnerability details with the known systems involved in an event, and understanding how we can build standard responses for these events and develop incident response plans.
The expectations of security practitioners now fit this XDR evolution.
Practitioners should now expect detection analysis to span all potential sources of security events in their environments. They should expect non-security events to be considered when the situation warrants it. They should expect the potential attack timeframes analyzed to span larger amounts of time, so that seemingly different events are automatically confirmed as one. And they should expect defined responses, clearly mapped to an incident, to be presented, with an organization’s assets, their value, and their ownership providing business and risk context that contributes to incident priority.
If the expectations are set for these rich requirements in conducting incident management, analysis, and response, shouldn’t the XDR security tools follow suit? Shouldn’t the security solutions and services every vendor provides deliver what is expected?
At Cisco, we stand beside you and resoundingly say, “Yes, they should!”
And today, as proof of that statement, we proudly present Cisco XDR for General Availability. An XDR solution built for the challenges of 2023 and beyond. One that allows SOC teams to move away from endless investigation and instead spend their time remediating the most critical incidents across their security stack quickly and efficiently. Regardless of the vendor or vector, whether that be EDR, NGFW, NDR, Email, or Cloud.
So, what’s in a name? In the XDR space, it will come down to which vendor delivers on the new expectations, rather than resting on their reputation. Believe in what you see, what works, what makes your job easier. We understand what you expect, what you need, and with Cisco XDR, we are delivering on those expectations.