Takeaways about Extended Detection and Response (XDR)
Updated: 03-11-2024
Extended Detection and Response (XDR) For Dummies, 2nd Cisco Special Edition
What is XDR? It’s a recent addition to the swarm of acronyms bouncing around the business technology space. XDR platforms include tools for incident response, threat hunting, automation, threat detection, visualization, threat management, and more. What brings it all together is a centralized viewpoint of your entire security infrastructure.
Here are ten things you need to know about XDR including some key features to look for when shopping for an XDR solution.
Reduce time to detect and respond
At the end of the day, XDR platforms aim to reduce detection and response times. More data and more tools don’t mean faster security teams. They often mean overwhelmed security teams. XDR focuses on providing actionable information through machine learning-supported analytics and a centralized dashboard. On the response side, orchestration and automation features streamline the response process by providing easy-to-use and customizable tools for security staff.
Visualize integrated security data
XDR takes in a lot of information and must organize it to reduce alert fatigue, false positives, and general security operations hassle. Central dashboards are customizable information hubs for security teams to organize their data to fit the organization’s needs. Visualization tools such as incident maps should help identify threat sources and trace potentially new attack points.
Precise monitoring
Because XDR platforms usually come with machine learning-based analytics, and rely on secondary security tools for data collection, security teams should have a clear view of an organization’s ecosystem. Providing good information, rather than lots of information, cleans up what staff actually see, making it easier to focus on legitimate security concerns.
Contextualize alerts and reduce false positives
XDR’s centralized dashboard features provide context to security situations. Alerts coming in are more reliable because the XDR system has the relevant threat intelligence required to make decisions about what is concerning, abnormal behavior and what isn’t.
False positives are a waste of resources, and XDR’s comprehensive view of the IT infrastructure helps reduce their frequency.
Automated responses
Automation features have been around in the security space for some time, but XDR’s broad reach enables its automation tools to benefit from some fine-tuning. Many XDR products offer machine learning-supported automation that can take care of rote security tasks, so security staff can work on the harder jobs that need human intervention.
Keep it open
XDR isn’t a lone wolf and needs the support of specialized security tools. XDR platforms offer a lot of integration options, both with existing security tools and ones that may be added in the future.
Endpoint detection and response (EDR) and network detection and response (NDR) in particular are two tools to think about including when building out your security infrastructure.
Store and analyze logs at scale
Because of the powerful analytics tools XDR brings in, these platforms are able to process large amounts of security data. XDR solutions are easily scalable so your organization can grow over time, without worrying how your security analytics will have to change.
Address compliance requirements
The large amount of data that can be processed by XDR also means compliance and industry regulation requirements can be confidently met. Organizations involved in healthcare or finance are especially in need of extensive logging and analysis tools.
Siloed solutions are partial solutions
Security infrastructure has become so vast that siloing systems has become common. Enterprise-level IT infrastructure can’t rely on this separation of systems, as attackers expand and develop their attack strategies. Incomplete security information can lead to false positives and alert fatigue, because monitoring tools won’t have the full context of suspicious activity.
Remember the human factors
The security personnel managing these tools are the most important part of any successful IT security environment. Inefficient security solutions overwork security staff by burdening them with false positive threats, unnecessary alerts that lead to alert fatigue, and lackluster identification and response tools that slow them down.
Getting started
Visit Cisco.com and download your free copy of Extended Detection and Response (XDR) For Dummies, 2nd Cisco Special Edition to learn more about the topic.