In a new 12-minute video Rakesh Shah AVP Product Management and Development of AT&T Cybersecurity, explains Extended Detection and Response (XDR). This video was part of the virtual Black Hat USA event in August. It’s not product-specific and explains what can be a very confusing concept in a delightfully simple way.

Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow’s threats, security professionals have often turned to more data sources and adding more security monitoring tools in their operations, both in the pursuit of maximizing their attack surface visibility and reducing time to detect and respond to threats.

At this year’s InfoSec conference hosted by Computer 2000, LogSentinel presented – “The power of XDR-stay ahead of the curve” Asen Kehayov CEO and Nikolay Raychev CTO presented in depth the XDR trend in cybersecurity and how LogSentinel SIEM accommodates conceptual architecture and improves the industry vision of XDR.

In the cybersecurity industry, understanding the value and impact of the critical technology we use to keep organizations safe can often become lost in translation. This is undoubtedly the case with extended detection and response (XDR), where the continued misuse of the term has created more market confusion than clarity. The definition of XDR varies depending on who you ask.

Gartner defines Extended Detection and Response (XDR) as “a SaaS-based, vendor-specific, security threat detection and incident response tool that natively integrates multiple security products into a cohesive security operations system that unifies all licensed components”. Simply put, the main component of XDR is the ability to correlate data across multiple security systems and tools for better detection and response.

Since the early days of computing, cybersecurity has been a top concern for businesses and organizations. Over the years, the nature of cybersecurity threats has changed dramatically, and so too must our approach to security. In this blog post, we'll take a look at the evolution of cybersecurity from prevention to XDR and SOAR. We'll also consider the implications of these changes for CIOs and business leaders alike.

Internal Reconnaissance, step one of the Cyber Kill Chain, is the process of collecting internal information about a target network to identify vulnerabilities that can potentially be exploited. Threat actors use the information gained from this activity to decide the most effective way to compromise the target network. Vulnerable services can be exploited by threat actors and potentially lead to a network breach. A network breach puts the company in the hands of cybercriminals.