What Is Extended Detection and Response (XDR)?

Extended detection and response (XDR) delivers visibility into data across networks, clouds, endpoints, and applications while applying analytics and automation to detect, analyze, hunt, and remediate today's and tomorrow's threats.

How does XDR work?

XDR collects and correlates data across email, endpoints, servers, cloud workloads, and networks, enabling visibility and context into advanced threats. Threats can then be analyzed, prioritized, hunted, and remediated to prevent data loss and security breaches.

How do I benefit from XDR?

With more visibility and context into threats, events that would not have been addressed before surface to a higher level of awareness. This allows security teams to focus quickly, eliminate any further impact, and reduce the severity and scope of the attack.

Types of detection and response

Endpoint detection and response (EDR), a predecessor to XDR, improved malware detection and remediation over antivirus software's simplistic approach to detection. EDR solutions differ from XDR in that they focus on endpoints (laptops, for example) and record system activities and events to help security teams (such as the SOC) gain the visibility needed to uncover incidents that would normally not be detected.


XDR

Where EDR improved on malware detection over antivirus capabilities, XDR extends the range of EDR to encompass more deployed security solutions, giving it a broader capability than EDR. It uses current technologies to provide higher visibility and to collect and correlate threat information, while employing analytics and automation to help detect today's and future attacks.