Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions.
XDR has been referred to as the next step in the evolution of Endpoint Detection and Response (EDR) solutions.
In fact, Gartner named XDR as the first of their Top 9 Security and Risk Trend for 2020.
Because XDR represents a new solution category, there is no single accepted definition of what capabilities and features should (and shouldn't) be included.
Each provider approaches XDR with different strengths and perspectives on how what an XDR solution should include.
Therefore, selecting an XDR provider is quite challenging as organizations must organize and prioritize a wide range of capabilities that can differ significantly between providers.
Cynet is now addressing this need with the Definitive RFP Template for XDR solutions (download here), an expert-made security requirement list that enables stakeholders to accelerate and optimize the evaluation process of the products they evaluate.
The RFP template aims to capture the widest common denominator in terms of security needs and deliver the essentials relevant to any organization.
An XDR solution can benefit large companies that are awash in alerts from multiple detection sources, rationalize the myriad signals, and simplify response actions. Smaller companies benefit by leveraging a single platform that would otherwise require coordinating several expensive and complex point solutions. Logically it makes sense for organizations to achieve greater threat visibility along with reduced complexity.
"Despite all the security tools that have been deployed over the years to prevent and detect breaches, attackers are still able to find the seams in the protections," says Eyal Gruner, CEO of Cynet. "One of the main problems is that security teams simply cannot make sense of the barrage of information and alerts coming at them from multiple security tools. And, some organizations can't afford to deploy all of the necessary monitoring tools to ensure full protection."
To provide strong breach protection, organizations must collect, synthesize, and make sense of signals from the primary attack vectors as the first step to better defense. Then, automating investigation and remediation to cover the full breadth of each attack ensures all appropriate actions are taken to protect the organization. This is where XDR comes in.
Using the ready-made templates can potentially save significant time and resources otherwise spent on building a similar requirement list from scratch. The XDR solution RFP can help companies prioritize the capabilities available in emerging solutions to improve their purchase decisions.
The RFP comprises five sections:
- Monitoring & Control—routine activities to gain visibility and proactively discover and reduce attack surfaces.
- Prevention & Detection—mechanism to thwart the wide array of commodities and advanced attack vectors.
- Investigation & response—an overall toolset for efficient reaction to the detected live attacks.
- Infrastructure—architecture, deployment, data collection, and communication.
- Operation—ongoing management of the solution
The RFP Guides ensure organizations are not overlooking important aspects of security solution capabilities and thereby making substandard decisions for critical enterprise purchases.
Download the XDR RFP here.