Lead Image © Kritiya, 123RF.com

Lead Image © Kritiya, 123RF.com

Extended detection and response in networks, endpoint devices, and the cloud

Searching for a Cure

Article from ADMIN 70/2022
Extended detection and response (XDR) integrates security functions across endpoint devices and networks. But is XDR the only integrated approach to cybersecurity challenges? We investigate the new technology.

Information technology (IT) is indispensable for core processes in companies that face a tremendous threat to their IT systems. Cybersecurity has moved beyond the IT department to become a central management task. Laws, regulations, and the associated rules of critical infrastructures (CRITIS) make it clear how great is this threat and the need for suitable countermeasures. Manufacturers and service providers have long since responded with an almost countless range of products and services, from traditional software products such as antimalware to artificial intelligence (AI)-based systems for identifying security incidents and the complete operation of security operations centers as a service.

One of the biggest challenges is not the lack of suitable technology, but how to use it correctly and the personnel and knowledge required to do so. Even where technology is good and powerful, it still has to be used properly, and the skills gap (i.e., the lack of personnel and knowledge) has long been a central issue, especially in the complex field of IT security. In this environment, can improved and more powerful integrated solutions such as extended detection and response (XDR) be understood, and what exactly do you need to understand these solutions?

Devices and Networks

XDR as a term emerged in 2018 and is attributed to software vendor Palo Alto Networks. As the term implies, it is about extending existing systems and detecting, identifying, and responding. The integrated approach is not inherent in this term but is an important implicit component. XDR systems are typically offered as software as a service (SaaS), although this is not a requirement in terms of strategy.

The extension part in XDR specifically refers to endpoint detection and response (EDR), as well as network detection and response (NDR). XDR now creates approaches that focus on both endpoints and networks, where

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.