What is XDR & Why Is It Important?

What is XDR?

The most common definition of XDR is Extended Detection and Response. ‘Extended’ refers to coverage beyond the endpoint (an endpoint is pc or server) and can include data sources such as firewalls, email, cloud and mobile.

The Extended coverage gives greater visibility to an organisations data and systems, enhancing the detection and response capabilities. Put simply, the more data there is to analyse the better the detection rates and outcome.

XDR is often compared to EDR when in fact EDR (Endpoint Detection and Response) is a key component of XDR. While EDR focuses on the endpoints (computers and servers), XDR extends to include any data sources possible.

XDR and EDR Compared
The components of XDR and EDR

Why is is important?

XDR provides the additional data that can provide context to an analysis. It covers multiple areas of an ICT environment can provides the ability to track anomolies across across surfaces.

By combining data logs from multiple sources (firewall and endpoints) activity that initially seems harmless can be quickly identified as malicious.

An example is a drive-by-download virus from a user visiting a comprimised website. With XDR, suspicious activity can be analysed to see what’s happening inside the PC and across the network. Including both endpoint and firewall data can help detect if a virus or trojan is attempting to open connections in and outside of the organisation.

Ultimately, XDR not only helps protect from attack, it allows a threat investigation to better detect events, identify a root cause and understand the impact it’s had across the organisation.

CyberOnRamp XDR includes Deep Learning AI to constantly watch for suspicious activity. Historical data is collected for 30 days, giving us the power to perform a threat investigation, even when a device is offline.

Stressed Out Business Leader

How Would You Respond To An Attack?

programmer in front of screen

What is XDR & Why Is It Important?

team training

Cyber Security. It Starts With You.