Cybersecurity solutions have evolved from a basic investigation and discovery technology to behavioral analysis solutions that enable real-time detection and response. However, if they are to be truly effective, they must also protect against anomalous behavior that may seem harmless on its own, but after gaining a bigger picture by correlating and contextualizing detections, turns out to be an incident that needs to be responded to as soon as possible.

We have been talking about eXtended Detection and Response (XDR) for some years now, but despite being a buzzword in the industry, a fundamental question remains: what are we really talking about here? According to Gartner, which first defined the term in 2020, XDR is a vendor-specific threat detection and incident response tool that natively integrates multiple security products into a cohesive security operations system.

According to a Mandiant survey of 1,350 global business and IT leaders, when trying to secure their networks against cyber threats, nearly all respondents (96%) believe it’s important to understand the threat actors targeting their organizations. That’s hardly a surprise. But then there’s this finding: 79% of respondents say that most of the time, they make decisions about cyberattacks without insights into who could be targeting their organization.