What is XDR?
XDR is the evolution of Endpoint Detection and Response (EDR). While EDR collects and correlates activities across multiple endpoints, XDR broadens the scope to provide detection, analytics, and response across endpoints, network security devices, servers, cloud workloads, email, and much more. This aims to provide a unified, single pane of glass view across multiple security controls and attack vectors, contextualizing these threats to assist with triage, investigation, and rapid remediation efforts.
XDR seamlessly collects and correlates data across multiple security vectors, facilitating faster threat detection so that security analysts can respond quickly, containing the threat before the scope of the attack broadens beyond the initial intrusion. Out-of-the-box integrations and pre-tuned detection mechanisms across multiple products and platforms help improve analyst productivity, threat detection, and forensics. In short, XDR extends beyond the endpoint to make decisions based on data from more products and can take action across your security stack via integrations with email, network, identity, and beyond.