XDR101 – Why it is a must for enterprises

Adam Philpott from Trellix outlines the benefits of extended detection and response capabilities, explaining why it must form a key part of organisations’ security strategy.

Adam Philpott
Mon, 04 Apr 2022

Today's world is full of dynamic cyber threats, and Australia and New Zealand are no exception. Every day, these threats grow not only in number but also in complexity. To keep pace with attacks and ensure greater peace of mind, organisations today need centralised visibility and quick resolution of their security issues.

In this evolving landscape, endpoint detection and response (EDR), which was formerly the industry standard for business endpoint security, has moved to extended detection and response (XDR), which builds on EDR but offers a new security paradigm in a multifarious endpoint, network and enterprise workload context.

The basics – what is XDR?

XDR enables companies to go beyond standard detective controls by providing a comprehensive yet straightforward view of threats across the entire tech stack.

It delivers the real-time data needed to convey risks to business processes, so that better, faster results may be achieved.

XDR products or capabilities ensure higher process efficiency by integrating visibility and control across endpoints, network and cloud, which strengthens detection and response capabilities.

Extended refers to the fact that the solution extends across several security vectors including endpoints, network, cloud, and email and other third-party security products. Detection comes from the ability to detect threats across the vectors the moment they arise.

Response enables your organisation to be better prepared to respond effectively to attacks in real time.

Therefore, XDR eliminates the time-consuming detection and investigation processes by providing threat-centric and business context and automating analytics and remediation, minimising the data for machine-human teaming, allowing you to respond to threats faster.

Working smarter not harder with your security

XDR brings value by combining multiple security products into a single, unified security threat detection and response platform. EDR platforms have evolved into a key incident response tool with XDR. More than a collection of point solutions is needed to detect today's emerging threats.

Organisations are scrambling to secure a rising number of sensitive digital assets both inside and outside the traditional network perimeter as adversaries deploy more complicated tactics, methods and procedures to successfully circumvent and exploit traditional security controls.

Security teams require a platform that proactively combines all relevant security data and identifies advanced adversaries. It is impossible in today’s context to manually identify threats. It is not just painstaking – but almost impossible, given the vast amounts of data that need to be analysed.

For years, security teams have been stretched, and with new work-from-home mandates, the burden on resources has been intensified.

Enterprises require a comprehensive and proactive security strategy to protect their whole landscape of IT assets, including legacy endpoints, mobile devices and cloud workloads, without overburdening their employees and in-house management resources. Security personnel are battling a deluge of data that leads to alert overload, too many false positives and a lack of data integration with analysis tools or incident response, all while operating under unprecedented levels of stress.

This is where an XDR solution can help enterprise security and risk management leaders to bolster security and drive efficiency.

XDR optimises response times with its improved capabilities for protection, detection and response, which increase the productivity of operational security personnel.

With lower total cost of ownership for effective security threat detection and response, it provides centralised configuration and hardening capability with weighted suggestions to assist with activity prioritisation.

This eliminates the need to hunt down false positives by automatically correlating and validating alerts and integrates relevant data for faster, more accurate issue triage.

‘Fluid’ security that adapts to threats

Most business executives (78 per cent) are not aware of how or when a cyber security event will affect their businesses.

Businesses today need security solutions which combine artificial intelligence, machine learning and automation. Security needs to continually learn and adapt, allowing enterprises to remain resilient with superior detection, response, and remediation capabilities.

Living security which evolves along with the threats is thus crucial to give enterprises the ability to safely manage their IT ecosystems by equipping them with native and open technologies, regardless of their operating environment.

As we move into the post-COVID world, cyber security has become not only a business priority but an existential need.

Australia and New Zealand is a region with a track record of early technology adoption, and as such we’ve seen rapid digitisation in the span of a few years. Because of this, organisations of all sizes are increasingly becoming prime targets for cyber criminals and are increasingly being used as launchpads for cyber attacks.

In the current environment, the Australian government is going so far as to urge organisations to “adopt an enhanced cyber security posture”, recommending “strong detection systems” be used to combat rising threats directed at local organisations.

This is where XDR can play a role in going above and beyond in securing a business’s data.

Adam Philpott is the chief revenue officer at Trellix.
