Why Should Organizations Consider Extended Detection and Response (XDR)?
Christopher M. Steffen, CISSP, CISA
Vice President – Research
Enterprise Management Associates (EMA)
csteffen@enterprisemanagement.com
Sponsored by . . .
Watch the On-Demand Webinar
• Why Should Organizations Consider Extended Detection and Response (XDR)? On-Demand Webinar: https://info.enterprisemanagement.com/extended-detection-and-response-xdr-webinar-ws
• Check out upcoming webinars from EMA here: https://www.enterprisemanagement.com/freeResearch
| @ema_research
Featured Speaker
Chris brings over 25 years of industry experience as a noted information security executive, researcher, and presenter, focusing on IT management/leadership, cloud security, and regulatory compliance. He also serves as the co-chair of the zero trust working group for the Cloud Security Alliance (CSA).

Chris’s technical career started in the financial services vertical in systems administration for a credit reporting company, where he eventually built the Network Operations group, as well as the Information Security practice and Technical Compliance practice, before leaving as the Principal Technical Architect. He has been the Director of Information for a manufacturing company and the Chief Evangelist for several technical companies, focusing on cloud security and cloud application transformation. He has also held the position of CIO of a financial services company, overseeing the technology-related functions of the enterprise. Chris currently leads the information security, risk and compliance management practice for Enterprise Management Associates (EMA), a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies.

Chris holds several technical certifications, including Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), and was awarded the Microsoft Most Valuable Professional Award five times for virtualization and Cloud and Data Center Management (CDM). He holds a Bachelor of Arts (Summa Cum Laude) from the Metropolitan State College of Denver.
© 2023 Enterprise Management Associates, Inc.
Christopher Steffen
Vice President - Research
Information Security, Risk and Compliance Management
Enterprise Management Associates
Sponsors
Research Methodologies and Demographics
Demographics & Methodology

Which of the following BEST describes your specific role (IT Related)?
IT Director: 31.9%
CIO/CTO: 17.1%
IT Manager/Supervisor (or equivalent): 15.2%
VP IT: 10.0%
IT Administrator/System Administrator: 4.3%
Chief Data Officer: 2.9%
CISO/CSO: 2.4%
VP Information Security: 2.4%
Information Security Director: 2.4%
IT Project/Program Manager: 1.9%
IT Service Manager/ITSM Team Leader: 1.4%
IT Business Analyst: 1.4%
Director of IT Audit/Compliance: 1.0%
Director of Cloud Computing/Cloud…: 1.0%
Programmer/Developer/Engineer: 1.0%
Chief Compliance Officer: 0.5%
Chief Privacy Officer: 0.5%
Director of Architecture: 0.5%
IT Director/Manager (other): 0.5%
IT Auditor/Compliance Specialist: 0.5%
IT Architect: 0.5%
IT Consultant/Integrator: 0.5%
Help Desk/IT Support: 0.5%

Which of the following best describes your organization's primary industry?
Manufacturing: 14.4%
Computer/Technology Services (IaaS, SaaS, MSP, MSSP,…: 12.3%
Finance/Financial Services/Banking: 11.9%
Computer/Technology Software (mobile app, consumer,…: 11.4%
Retail/Wholesale/Distribution: 7.2%
Healthcare/Medical/Pharmaceutical: 4.7%
Computer/Technology Hardware (devices, chip,…: 4.2%
Computer/Technology: Other: 4.2%
Professional Services (non-technical): 4.2%
Transportation/Airlines/Trucking/Rail: 4.2%
Telecommunications: 3.4%
Utilities/Energy: 3.0%
Business Services/Consulting: 2.1%
Insurance: 2.1%
Automotive: 1.7%
Ecommerce: 1.3%
Education (federal, state & local): 1.3%
Gaming/Digital Entertainment: 1.3%
Government (federal, state & local): 1.3%
Oil/Gas/Chemicals: 1.3%
Other: 1.3%
Aerospace/Defense: 0.4%
Nonprofit/Not for Profit: 0.4%
Travel/Hospitality/Recreation: 0.4%
© 2023 Enterprise Management Associates, Inc.
XDR in the Enterprise

Do you envision an XDR solution or some other security tool/solution replacing the SIEM solution your organization is currently using?
Yes: 81.1%
No: 18.9%

Is your organization currently using/evaluating an extended detection and response (XDR) solution?
Yes - currently using within our organization: 59.7%
Yes - currently evaluating, with funding approved to purchase in the next 3 months: 26.3%
Yes - currently evaluating to purchase in the next budget year: 8.1%
Yes - soliciting vendors/proof of concept, but no immediate plans to purchase: 3.8%
No - not currently using/evaluating: 2.1%
Which technologies/products do you expect in an XDR platform?
SIEM: 24.1%
EDR: 20.5%
Email Security: 13.6%
Threat Detection: 12.6%
NDR: 9.7%
ASM: 8.9%
SOAR: 8.5%
UBA: 2.0%
What is the primary use case you are looking to solve with XDR?
Improve detection of advanced threats: 60.6%
Provide automated analyst response: 17.8%
Prioritize alerts: 6.8%
Tool consolidation: 11.4%
EDR replacement: 1.7%
Alert correlation across tools: 1.7%
What are the most important orchestration capabilities of an XDR solution? (score)
Enrichment: 3.34
Provisioning and deprovisioning: 3.16
Customization (playbooks): 2.95
Visualizations: 2.78
Collaboration (email, slack, tickets, etc.): 2.76

What are the most important automation capabilities of an XDR solution? (score)
Repetitive Task: 3.44
Reporting: 3.36
Low-code automation: 3.04
Visualization: 2.85
Alert Automation: 2.31
Assuming XDR is the evolution of EDR beyond endpoints, which XDR capabilities appeal to you most?
Advanced analytics: 25.5%
Simplified visualization of complex attacks: 21.5%
Correlation and enrichment of security data from multiple security controls: 20.6%
Automated cross-response capabilities: 19.0%
Reduction in the number of escalations to higher-skilled security analysts: 13.4%
When considering the functions and capabilities of an XDR solution, which of the following functions / capabilities are the most important? (score)
Ease of Use / Management: 8.69
Attack understanding/intelligence: 8.66
Automated detection of zero-day attacks: 8.66
Unified Threat Hunting Capabilities: 8.64
Provide Automated Detection of Complex Threats with…: 8.62
Enable More Threat Hunting: 8.61
Improve Mean Time to Response (MTTR): 8.61
Integrate Visibly with Existing Tools and Data Sources: 8.61
Rapid Time to Value / Ease of Deployment: 8.6
Improve Mean Time to Detection (MTTD): 8.58
End-user Support from Vendor: 8.55
Ingest Multiple Data Sources: 8.55
Conclusions
XDR solutions are in line to replace underperforming legacy security solutions. But it isn’t always because a solution is underperforming: solution complexity, deployment and maintenance, and resource requirements are important factors. If an XDR solution can easily supplant these solutions at about 1/3 of the annual cost, security leaders are forced to pay attention.
The capabilities technology leaders are looking for in an XDR solution mimic those of the solutions they are looking to replace, namely SIEM and SOAR solutions. XDR takes the core capabilities of SIEM and SOAR solutions and provides those insights in a simple, easy-to-digest manner. For many organizations, having a simpler and less expensive XDR solution to achieve those same capabilities is likely the right decision.
It is not enough to just point out threats and low-level attacks: organizations are looking to their XDR solution to provide advanced insights into the threat landscape. Organizations looking to evaluate and deploy an XDR solution would do well to make the vendor prove these core capabilities, not just at a point in time, but from a tactical and long-term perspective.
• Organizations are always updating their security tools and are looking to XDR to help with this process.
• SIEM, SOAR and threat detection are the most important capabilities.
• Ease of use, zero-day threat detection, better reporting of attacks, complex analytics, and automated reporting are the most sought-after functions.
Conclusions

Taking these considerations, functions and capabilities to create a unified definition of “XDR”, EMA proposes the following definition:

Extended detection and response, or XDR, is a cybersecurity solution that:
• Integrates with existing and future security and operations tools
• Provides in-depth insights and reporting to technicians and decision-makers
• Streamlines security operations across users, endpoints, data, networks, cloud resources, applications and other workloads
• Applies analytics and automation to detect, analyze, hunt, and mitigate threats.
Get the Report
Learn more and download
https://bit.ly/3rLfcaZ
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Why Should Organizations Consider Extended Detection and Response (XDR)?

  • 1. Why Should Organizations Consider Extended Detection and Response (XDR)? Christopher M. Steffen, CISSP, CISA Vice President – Research Enterprise Management Associates (EMA) csteffen@enterprisemanagement.com Sponsored by . . .
  • 2. Watch the On-Demand Webinar
    • Why Should Organizations Consider Extended Detection and Response (XDR)? On-Demand Webinar: https://info.enterprisemanagement.com/extended-detection-and-response-xdr-webinar-ws
    • Check out upcoming webinars from EMA here: https://www.enterprisemanagement.com/freeResearch
  • 3. Featured Speaker: Christopher Steffen, Vice President - Research, Information Security, Risk and Compliance Management, Enterprise Management Associates (| @ema_research)
    Chris brings over 25 years of industry experience as a noted information security executive, researcher, and presenter, focusing on IT management/leadership, cloud security, and regulatory compliance. He also serves as the co-chair of the zero trust working group for the Cloud Security Alliance (CSA).
    Chris's technical career started in the financial services vertical in systems administration for a credit reporting company, eventually building the Network Operations group, as well as the Information Security practice and Technical Compliance practice for the company, before leaving as the Principal Technical Architect. He has been the Director of Information for a manufacturing company and the Chief Evangelist for several technical companies, focusing on cloud security and cloud application transformation. He has also held the position of CIO of a financial services company, overseeing the technology-related functions of the enterprise. Chris currently leads the information security, risk and compliance management practice for Enterprise Management Associates (EMA), a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies.
    Chris holds several technical certifications, including Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), and was awarded the Microsoft Most Valuable Professional Award five times for virtualization and Cloud and Data Center Management (CDM). He holds a Bachelor of Arts (Summa Cum Laude) from the Metropolitan State College of Denver.
    © 2023 Enterprise Management Associates, Inc.
  • 4. Sponsors
  • 6. Demographics & Methodology
    Which of the following BEST describes your specific role (IT Related)?
      IT Director: 31.9%
      CIO/CTO: 17.1%
      IT Manager/Supervisor (or equivalent): 15.2%
      VP IT: 10.0%
      IT Administrator/System Administrator: 4.3%
      Chief Data Officer: 2.9%
      CISO/CSO: 2.4%
      VP Information Security: 2.4%
      Information Security Director: 2.4%
      IT Project/Program Manager: 1.9%
      IT Service Manager/ITSM Team Leader: 1.4%
      IT Business Analyst: 1.4%
      Director of IT Audit/Compliance: 1.0%
      Director of Cloud Computing/Cloud…: 1.0%
      Programmer/Developer/Engineer: 1.0%
      Chief Compliance Officer: 0.5%
      Chief Privacy Officer: 0.5%
      Director of Architecture: 0.5%
      IT Director/Manager (other): 0.5%
      IT Auditor/Compliance Specialist: 0.5%
      IT Architect: 0.5%
      IT Consultant/Integrator: 0.5%
      Help Desk/IT Support: 0.5%
    Which of the following best describes your organization's primary industry?
      Manufacturing: 14.4%
      Computer/Technology Services (IaaS, SaaS, MSP, MSSP,…: 12.3%
      Finance/Financial Services/Banking: 11.9%
      Computer/Technology Software (mobile app, consumer,…: 11.4%
      Retail/Wholesale/Distribution: 7.2%
      Healthcare/Medical/Pharmaceutical: 4.7%
      Computer/Technology Hardware (devices, chip,…: 4.2%
      Computer/Technology: Other: 4.2%
      Professional Services (non-technical): 4.2%
      Transportation/Airlines/Trucking/Rail: 4.2%
      Telecommunications: 3.4%
      Utilities/Energy: 3.0%
      Business Services/Consulting: 2.1%
      Insurance: 2.1%
      Automotive: 1.7%
      Ecommerce: 1.3%
      Education (federal, state & local): 1.3%
      Gaming/Digital Entertainment: 1.3%
      Government (federal, state & local): 1.3%
      Oil/Gas/Chemicals: 1.3%
      Other: 1.3%
      Aerospace/Defense: 0.4%
      Nonprofit/Not for Profit: 0.4%
      Travel/Hospitality/Recreation: 0.4%
  • 7. XDR in the Enterprise
  • 8. Is your organization currently using/evaluating an extended detection and response (XDR) solution?
      Yes - currently using within our organization: 59.7%
      Yes - currently evaluating, with funding approved to purchase in the next 3 months: 26.3%
      Yes - currently evaluating to purchase in the next budget year: 8.1%
      Yes - soliciting vendors/proof of concept, but no immediate plans to purchase: 3.8%
      No - not currently using/evaluating: 2.1%
    Do you envision an XDR solution or some other security tool/solution replacing the SIEM solution your organization is currently using?
      Yes: 81.1%
      No: 18.9%
  • 9. Which technologies/products do you expect in an XDR platform?
      SIEM: 24.1%
      EDR: 20.5%
      Email Security: 13.6%
      Threat Detection: 12.6%
      NDR: 9.7%
      ASM: 8.9%
      SOAR: 8.5%
      UBA: 2.0%
  • 10. What is the primary use case you are looking to solve with XDR?
      Improve detection of advanced threats: 60.6%
      Provide automated analyst response: 17.8%
      Prioritize alerts: 6.8%
      Tool consolidation: 11.4%
      EDR replacement: 1.7%
      Alert correlation across tools: 1.7%
  • 11. What are the most important orchestration capabilities of an XDR solution?
      Enrichment: 3.34
      Provisioning and deprovisioning: 3.16
      Customization (playbooks): 2.95
      Visualizations: 2.78
      Collaboration (email, Slack, tickets, etc.): 2.76
    What are the most important automation capabilities of an XDR solution?
      Repetitive tasks: 3.44
      Reporting: 3.36
      Low-code automation: 3.04
      Visualization: 2.85
      Alert automation: 2.31
  • 12. Assuming XDR is the evolution of EDR beyond endpoints, which XDR capabilities appeal to you most?
      Advanced analytics: 25.5%
      Simplified visualization of complex attacks: 21.5%
      Correlation and enrichment of security data from multiple security controls: 20.6%
      Automated cross-response capabilities: 19.0%
      Reduction in the number of escalations to higher-skilled security analysts: 13.4%
  • 13. When considering the functions and capabilities of an XDR solution, which of the following functions/capabilities are the most important?
      Ease of Use / Management: 8.69
      Attack understanding/intelligence: 8.66
      Automated detection of zero-day attacks: 8.66
      Unified Threat Hunting Capabilities: 8.64
      Provide Automated Detection of Complex Threats with…: 8.62
      Enable More Threat Hunting: 8.61
      Improve Mean Time to Response (MTTR): 8.61
      Integrate Visibly with Existing Tools and Data Sources: 8.61
      Rapid Time to Value / Ease of Deployment: 8.6
      Improve Mean Time to Detection (MTTD): 8.58
      End-user Support from Vendor: 8.55
      Ingest Multiple Data Sources: 8.55
  • 15. Conclusions
    Organizations are always updating their security tools and are looking to XDR to help with this process.
      XDR solutions are in line to replace underperforming legacy security solutions. But it isn't always because a solution is underperforming: solution complexity, deployment and maintenance, and resource requirements are important factors. If an XDR solution can easily supplant these solutions at about 1/3 of the annual cost, security leaders are forced to pay attention.
    SIEM, SOAR and threat detection are the most important capabilities.
      The capabilities technology leaders are looking for in an XDR solution mimic the capabilities of the solutions they are looking to replace, namely SIEM and SOAR solutions. XDR takes the core capabilities of SIEM and SOAR solutions and provides those insights in a form that is simple and easy to digest. For many organizations, having a simpler and less expensive XDR solution to achieve those same capabilities is likely the right decision.
    Ease of use, zero-day threat detection, better reporting of attacks, complex analytics, and automated reporting.
      It is not enough to just point out threats and low-level attacks: organizations are looking to their XDR solution to provide advanced insights into the threat landscape. Organizations looking to evaluate and deploy an XDR solution would do well to make the vendor prove these core capabilities, not just at a point in time, but from a tactical and long-term perspective.
  • 16. Conclusions
    Taking these considerations, functions and capabilities to create a unified definition of "XDR", EMA proposes the following definition:
    Extended detection and response, or XDR, is a cybersecurity solution that:
      • Integrates with existing and future security and operations tools
      • Provides in-depth insights and reporting to technicians and decision-makers
      • Streamlines security operations across users, endpoints, data, networks, cloud resources, applications and other workloads
      • Applies analytics and automation to detect, analyze, hunt, and mitigate threats.
  • 17. Get the Report
    Learn more and download: https://bit.ly/3rLfcaZ