Tags: SOC, XDR, Gartner, Ponemon Institute
- XDR: A Blessing for SOC Teams, or Another Fad? (opencybersecurityalliance.org)
- 5 observations about XDR | CSO Online
- [Gartner Report] Innovation Insight for Extended Detection and Response (fireeye.com)
- [Solution Page] What is Extended Detection and Response (XDR)? | Mandiant | FireEye
- [ESG eBook] The Impact of XDR in the Modern SOC
- [Ponemon Institute Second Annual Study] Economics Of The SOC 2021
Relevance: What is XDR going to be when it matures? EDR and XDR are related, but they are not the same thing. XDR is starting to gain traction as a beloved moniker. How do we shape the industry and VMware's story? The following is a representative, but not exhaustive, list of potential future XDR vendors from Gartner’s Innovation Insight: Cisco, Fortinet, Fidelis Cybersecurity, McAfee, Microsoft, Palo Alto Networks, Symantec, Trend Micro, FireEye, Rapid7, and Sophos. How does VMware fit into this narrative?
Pushing this further – welcome to the intersection of XDR and the SOC.
From the Gartner Innovation Insight report:
The three primary requirements of an XDR system are:
1. Centralization of normalized data, but primarily focusing on the XDR vendors’ ecosystem only.
2. Correlation of security data and alerts into incidents.
3. A centralized incident response capability that can change the state of individual security products as part of incident response or security policy setting.
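To make the three requirements concrete, here is an added example (not from the Gartner report, VMware, or any vendor listed above) of a minimal XDR-style pipeline: it normalizes telemetry from three hypothetical products in one vendor's ecosystem into a common schema (requirement 1), correlates alerts sharing a host inside a time window into incidents (requirement 2), and runs a central response step that changes the state of the individual products (requirement 3). The event field names, the product names `edr`, `email` and `fw`, the host names, the severity threshold and the `product_state` dictionary standing in for the products' control APIs are all assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional

# Constructed telemetry from three hypothetical products inside one vendor's
# ecosystem (EDR agent, email gateway, firewall). Each product has its own
# field names, which is exactly why requirement 1 (normalization) exists.
RAW_EVENTS = [
    {"src": "edr", "ts": "2021-06-01T10:00:05Z", "hostname": "ws-17",
     "user": "alice", "action": "suspicious_process", "sev": 7},
    {"src": "email", "time": "2021-06-01T09:58:40Z", "recipient": "alice",
     "endpoint": "ws-17", "verdict": "phish_link_clicked", "score": 5},
    {"src": "fw", "timestamp": "2021-06-01T10:01:10Z", "host": "ws-17",
     "dst": "198.51.100.7", "rule": "outbound_beacon", "priority": 9},
    {"src": "edr", "ts": "2021-06-01T14:30:00Z", "hostname": "ws-42",
     "user": "bob", "action": "usb_mount", "sev": 2},
]


@dataclass
class Alert:
    """Common schema every product is mapped onto (requirement 1)."""
    ts: datetime
    host: str
    source: str
    name: str
    severity: int                 # 0-10, comparable across products
    user: Optional[str] = None


@dataclass
class Incident:
    """Alerts about one host that fall inside a time window (requirement 2)."""
    host: str
    alerts: List[Alert] = field(default_factory=list)

    @property
    def severity(self) -> int:
        return max(a.severity for a in self.alerts)


def _parse_ts(value: str) -> datetime:
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


# One mapper per (assumed) product schema onto the common Alert schema.
SCHEMA_MAPPERS = {
    "edr": lambda e: Alert(_parse_ts(e["ts"]), e["hostname"], "edr", e["action"], e["sev"], e["user"]),
    "email": lambda e: Alert(_parse_ts(e["time"]), e["endpoint"], "email", e["verdict"], e["score"], e["recipient"]),
    "fw": lambda e: Alert(_parse_ts(e["timestamp"]), e["host"], "fw", e["rule"], e["priority"]),
}


def normalize(events: List[dict]) -> List[Alert]:
    """Requirement 1: centralize the ecosystem's events in one schema, time-ordered."""
    alerts = [SCHEMA_MAPPERS[e["src"]](e) for e in events if e["src"] in SCHEMA_MAPPERS]
    return sorted(alerts, key=lambda a: a.ts)


def correlate(alerts: List[Alert], window: timedelta = timedelta(minutes=30)) -> List[Incident]:
    """Requirement 2: group alerts that share a host and are within `window` of the previous one."""
    incidents: List[Incident] = []
    open_by_host: Dict[str, Incident] = {}
    for alert in alerts:                      # alerts are time-sorted, so a sliding window suffices
        current = open_by_host.get(alert.host)
        if current is not None and alert.ts - current.alerts[-1].ts <= window:
            current.alerts.append(alert)
        else:
            current = Incident(alert.host, [alert])
            incidents.append(current)
            open_by_host[alert.host] = current
    return incidents


def respond(incidents: List[Incident], product_state: Dict[str, dict], threshold: int = 8) -> List[str]:
    """Requirement 3: one central IR step that changes the state of individual products.

    `product_state` stands in for the EDR and firewall control APIs (an assumption);
    it is a plain dict so the state change is visible. Returns the hosts isolated.
    """
    isolated = []
    for inc in incidents:
        if inc.severity < threshold:
            continue
        product_state["edr"].setdefault(inc.host, {})["network_isolated"] = True   # EDR: isolate host
        product_state["fw"].setdefault("blocked_hosts", set()).add(inc.host)        # firewall: block egress
        isolated.append(inc.host)
    return isolated


def run_pipeline(events: List[dict]):
    """Normalize -> correlate -> respond; returns (incidents, isolated hosts, product state)."""
    state = {"edr": {}, "fw": {}}
    incidents = correlate(normalize(events))
    return incidents, respond(incidents, state), state


if __name__ == "__main__":
    incs, iso, st = run_pipeline(RAW_EVENTS)
    for inc in incs:
        print(f"{inc.host}: severity={inc.severity} alerts={[a.name for a in inc.alerts]}")
    print("isolated:", iso)
```

With the constructed input, the phishing click, suspicious process and outbound beacon on `ws-17` collapse into one incident of severity 9 that triggers isolation, while the lone low-severity USB mount on `ws-42` stays a separate, unactioned incident. That is the practical difference between a pile of per-product alerts and an incident-centric console, and it only works because every product was first mapped onto the same schema.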
This was insightful from the Ponemon Institute research report on SOCs: