So, what actually is XDR?
Well, depending on who you ask, you’ll probably get a different answer. For an organisation making critical cyber security decision, confusion is the last thing they need.
It also doesn’t help that even top security leaders can’t agree on what it means.
If you ask a technology vendor, it’s an EDR product with Cloud reporting managed by the customer. If you ask an industry analyst, it’s a ‘natural evolution’ of EDR and MDR. If you ask a Managed SOC provider, it’s what they’ve been doing for years, just without the terminology!
We’re here to dispel the misconceptions and simplify what it really means to use an XDR service.
At Talion, we view XDR as a service that goes beyond the End Point with a detection and response service that’s built for your needs, with the flexibility you require. It includes an additional number of core event sources, as well as the endpoint, such as Cloud, Email, IAM and the Network. As a result, it expands upon traditional EDR, with affordability at front of mind. Think MDR-light!
You may ask, how is Talion’s XDR service different to other cybersecurity providers? Especially in a landscape where this term is so often misinterpreted, with little clear explanation…
Talion’s unique standpoint on XDR is that we provide it as a managed service – our team of experts work around the clock to keep organisations safe and secure on all end points AND critical event sources. With as little or as much input as you wish, we offer dynamic visibility into your security threats and actionable recommendations for remediation.
Managed, Detection & Response (MDR) is a service that acts as a security partnership, managing your security alerts, responding to cyber threats and reducing the risk to your business, all from a centralised Security Operations Centre (SOC). It typically runs on SIEM and SOAR platform capabilities, and Talion’s MDR service is threat-led to ensure we defend against relevant and forthcoming threats.
The difference between an MDR and XDR service is that XDR is seen as an expansion of Endpoint, Detection and Response (EDR), including a limited number of additional core event sources. Whilst MDR is managed solely by the security provider, XDR doesn’t necessarily follow this route, although most companies choose the managed offering to unload the stress and time that comes with acting upon the recommendations given.
As mentioned above, XDR offerings vary per security provider, so be sure to check in with what is and isn’t included when making a decision for your business, in order to find the best provider for you.
As a guide, industry analysts such as Gartner view XDR as including End Point along with Email and IAM. Whilst Talion’s XDR service is similar, we go beyond by including additional core event sources and offering a fully managed service.
With XDR, you can get the benefit of an MDR offering with an ‘off the shelf’ service built to suit your requirements and your budget.
Talion’s XDR service offers 5 key advantages:
✅ Covers key security event sources
✅ 24/7 fully managed service from industry-leading SOC
✅ Maximise your cybersecurity ROI
✅ Detect threats outside of the endpoint
✅ Full transparency, no hidden costs
We hope this article has dispelled some of the confusion surrounding XDR.
Whilst it may remain an ever-changing definition from business to business, Talion’s XDR offering has been developed in depth to provide you with a tailored service that doesn’t require you to sacrifice needs or budget.
Still confused, or got any questions?
Let’s talk about your challenges, concerns and security goals.
Call us directly and we’ll put you in touch with the most relevant cyber expert.
Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.
Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.
