
How EDR is moving beyond the endpoint

More alphabet soup from security technology vendors. I read this as: “Current SIEM can’t actually cope so we’ll invent something new”…:

[…] Traditional EDR technology collects telemetry data about events related to endpoints, such as application processes that connect to specific network addresses. But this data is often not fed to security information and event management (SIEM) systems, which could otherwise be overloaded with data.

Yet, this data is essential for analysis by machine learning algorithms and incident response teams to flag up signs of a cyber attack across different stages of the cyber kill chain.

That is the premise behind an emerging breed of EDR offerings called XDR, where X refers to the collection of a broader set of data related to the network, cloud and other parts of an enterprise’s IT footprint.


Original article here

Peter Glock
Over 30 years of designing, building and managing telecoms and IT services. Primarily working with large enterprise and professional services businesses in Asia, North America, continental Europe and the UK. Information security professional, secret physics nerd.
