There seems to be a bit of confusion as to what constitutes XDR (extended detection and response). To clear up the conversation, we held a session at VMware Explore Europe to address what it is and how it is used to address current security vulnerabilities. This session was helmed by VMware VP of Security Services, Christopher Kruegel, VMware VP of Product Management, Jason Rolleston, and even included Forrester Senior Analyst, Allie Mellen, to provide insight on XDR.
Starting off, Allie Mellen introduced a recent survey they conducted on behalf of VMware to gauge public knowledge and sentiments regarding XDR, including:
- 45% of XDR users and 44% of non-users agree there is not a clear, standard industry definition for XDR
- 3 in 4 organizations have not yet adopted XDR, but of those, 27% are planning to implement it in the next 12 months
- 75% of users believe XDR encompasses both EDR (endpoint detection and response) and NAV (network access and visibility)
- 86% of XDR users and 74% of non-users believe the XDR market will mature and be the way of the future
So, with these numbers in mind, there is confusion surrounding what XDR is, but it is also clear that the desire and expectation for a mature XDR market are alive and well. With that as a jumping-off point, Allie defined XDR as the evolution of EDR (endpoint detection and response) that brings in other data points and capabilities from additional tools, including MDR (managed detection and response), vulnerability management, IAM (identity and access management), and NAV (network access and visibility). These additional telemetry points provide overall visibility that extends beyond just the endpoint, allowing SOC personnel direct access to the security points affecting the defenses of their infrastructure.
Once Allie’s presentation concluded, Christopher Kruegel, Jason Rolleston, and Randeep Gill engaged in a kind of roundtable discussion regarding the results of the survey, Forrester’s analysis of the data, the history of how we got to XDR from EDR and NDR, as well as the future of XDR.