What is the difference between EDR and XDR?

Identity & Access Management (IAM)Data Privacy & Protection
748 viewscircle icon2 Upvotescircle icon2 Comments
Sort by:
Director of IT in Software4 years ago

XDR usually adds a layer of automation to EDR.
We had EDR and when looking to upgrade to XDR one of the main selling features was that it can integrate with our NG firewalls, so you can build a rule when something is being blocked in the EDR it will create a firewall rule as well. It aggregate the data and adds data analytics and threat intelligence

Lightbulb on1
CIO in Manufacturing4 years ago

Based on the discussions I've had with multiple security companies, the X stands for "extended" and just means their own additional services they provide to customers. Rather than just the traditional monitoring, detection, and response, the additional services would include things like SOC 24x7, consulting, corporate incident response, threat hunting, etc..

Lightbulb on2

Content you might like

Curious how people are dealing with fraud, and specifically tech support scams, in their organisation. Our service desk have a protocol (using personal questions and answers or escalation to a manager) when validating staff requesting password resets. This wouldn't be scalable to our wider population.  I've heard of one tech firm implementing something simple like 2 random words generated on an internally hosted website every, say, 60s that can be used as a challenge & response. Does anyone have any other smart, easy to use, bits of tech that I should consider as part of a wider on-going education and awareness campaign?  I'm assuming this is a hot topic for many of you, given the recent Quick Assist social engineering ransomware attacks.

Our IT department is refreshing our SLAs and KPIs for Incident Management.  I would like to know who is a recognized authority on industry averages for IT Service Management processes for the service desk?  Below are examples of what I am looking for an industry average on. P1 95% resolved within 4 elapsed hours P2 90% resolved within 8 service hours P3 85% resolved within 3-5 days P4 85% resolved within 28 days

What is the best way to safely execute potentially malicious code?

Sideloading9%

Sandboxing31%

Vulnerability Scanning29%

Containerization29%

Other

View Results

Which is the bigger cybersecurity threat to your organization?

External threats (DDoS attacks, etc.)36%

Internal threats caused by human error (poor password hygiene, phishing, stolen devices, etc.)61%

Something else (comment below)1%

View Results

How can security leaders in smaller organizations stay informed about emerging threats if they don’t have access to formal threat intelligence feeds?

Read More Comments