Software Details
- Subscription license (3 years) + VMware Production Support for Cloud Products
- hosted
- SPP, HPP
- 1 endpoint
- promo, prepaid
- US Data Center
Know your gear
Fundamentally, XDR is a consolidation of tools and data, and it represents a major step forward in enterprise security capabilities. Since XDR has access to raw data collected across the environment, it can detect bad actors that are using legitimate software to gain access to the system. This is something security information and event management software, or SIEMs, are often unable to do. XDR performs automated analysis and correlation of activity data, allowing security teams to contain threats more effectively. For example, it can extend to include network detections, lateral movement, anomalous connections, beacons, exfiltration, and delivery of malicious artifacts.
Like EDR, XDR responds to the threat in order to contain and remove it. But, XDR can respond more effectively to the impacted asset, due to its superior data collection and integration with the environment. True XDR platforms provide the holistic visibility and context that security analysts need to respond to threats in a manner that is both targeted and effective. This tailored response helps to contain not only the threat itself, but also the impact of the response on systems. Think: reducing downtime on critical servers.
Like EDR, XDR responds to the threat in order to contain and remove it. But, XDR can respond more effectively to the impacted asset, due to its superior data collection and integration with the environment. True XDR platforms provide the holistic visibility and context that security analysts need to respond to threats in a manner that is both targeted and effective. This tailored response helps to contain not only the threat itself, but also the impact of the response on systems. Think: reducing downtime on critical servers.