Cisco has launched its Extended Detection and Response (XDR) solution, which aims to improve security by correlating data from multiple third-party security vendors. The fragmented nature of the security market can lead to a cacophony of signals and alerts in the Security Operations Center (SOC), overwhelming security teams and wasting time and resources. Cisco XDR seeks to address this issue by providing a unified security incident detection and response solution.
XDR solutions need to be comprehensive and collect and correlate telemetry from various security tools across different vectors, such as email, endpoints, servers, cloud workloads, and networks. This requires the integration of APIs to existing endpoint detection and response (EDR) systems and other security tools. By leveraging these integrations, XDR tools allow security practitioners to focus on larger threats and develop effective response strategies.
Vinu Thomas, COO of Driven Technologies, a cloud-native and cyber security managed service provider, explains that Cisco XDR provides a unified, analytics-driven view of security events. It consolidates telemetry from different tools and creates actionable responses that can be automated. Unlike other XDR offerings, Cisco XDR is not limited to its own portfolio of tools but can unify visibility across control points from multiple vendors, including endpoint, email, next-generation firewall, SIEM, network, and cloud security solutions.
Customers are looking for consolidation opportunities and reduced complexity in their security posture. Cisco XDR addresses these concerns by integrating with the most telemetry sources of any vendor. It leverages existing tools, regardless of vendor, rather than adding complexity with additional siloed solutions. This approach allows Cisco to provide partners like Driven Technologies with a comprehensive solution that enables secure outcomes for their customers and builds long-term loyalty.
Cisco XDR correlates telemetry from integrated solutions to offer informed and prioritized recommendations, enabling organizations to act quickly in response to security threats. Thomas highlights that Driven Technologies can stitch everything together with Cisco XDR, allowing for automated prioritization of remediation steps, even when it involves non-Cisco security tools. This streamlines the incident response process and ensures efficient resolution of security incidents.
For the Cisco partner community, there are significant opportunities with Cisco XDR. Partnering with Cisco provides access to a comprehensive solution that addresses the complexities of the security landscape. The recent Partner XDR Virtual Summit offers partners a deep dive into the vision of Cisco XDR, partner discussions, and a product demo, providing valuable knowledge and tools to take advantage of this new solution.
Cisco is dedicated to making world-class security available to more organizations, and partnerships with companies like Driven Technologies play a vital role in achieving this goal. To learn more about Cisco XDR and its potential in ensuring continuity after a cyberattack, interested parties can visit Cisco’s digital newsroom to read the latest article on the subject. Cisco XDR represents a community effort towards enhancing security and protecting organizations from evolving cyber threats.