Security is a community effort; it takes a network of partners to ensure everyone is secure.
That’s why Cisco’s Extended Detection and Response (XDR) solution, launched in April, focuses on correlating telemetry from several third-party security vendors to increase interoperability and deliver consistent outcomes regardless of vendor or technology.
Security is a fragmented market, and you are only as secure as your weakest link. There is a wealth of tools to address different aspects of enterprise security, but in the Security Operations Center (SOC), a varied toolset can produce a cacophony of signals and alerts that overload teams and send them off hunting for causes wasting precious time and energy. This creates a weak link in security. Cisco XDR aims to fix this fragmented defense solution with a unified security incident detection and response solution that applies analytics to detect malicious activity, and then responds to and remediates threats.
To be effective, XDR solutions must be comprehensive and automatically collect and correlate telemetry from multiple security tools across all vectors — email, endpoints, servers, cloud workloads, and networks. To be truly useful, vendors, service providers, and users must be able to plug in APIs to existing endpoint detection and response (EDR) systems and other security tools.
With these integrations and constant data scanning, security practitioners can employ XDR tools to focus on the bigger picture and the larger threats at hand and how to respond to those threats.
“All of these security tools generate telemetry, but Cisco XDR provides a unified, analytics-driven picture of what is going on,” says Vinu Thomas, COO of Driven Technologies, a cloud-native and cyber security managed service provider helping businesses secure, modernize, and connect their applications, data, and users in a rapidly shifting digital and automated world.
Cisco XDR integrates the telemetry from all these different fragmented tools. “It’s able to work with SIEM technology, which basically consolidates the logs, but then it’s able to take those alerts and create responses that are actionable and can be automated,” explains Thomas.”
Unlike other emerging XDR offerings, Cisco XDR is not limited to its own portfolio of tools but can also unify visibility across multiple control points from disparate vendors. It can work with endpoint, email, next-generation firewall, SIEM, network, and cloud security solutions from a number of vendors.
“Customers are looking for consolidation opportunities and reduced complexity in their security posture. Since Cisco XDR can integrate with the most telemetry sources of any vendor, we are uniquely positioned to be able to address those concerns,” says Brian Feeney, Vice President Worldwide Security Channel Sales at Cisco. “Rather than adding complexity by bringing in an additional siloed solution, Cisco XDR can leverage the tools already in place, regardless of vendor. We believe we’re providing our partners like Driven with the best solution for them to bring secure outcomes to their customers and build long-term loyalty.”
Cisco XDR correlates all the telemetry from the integrated solutions to achieve informed and prioritized recommendations, so organizations can act fast to keep the adversary at bay. For Driven Technologies, says Thomas, “that means we can actually stitch everything together. So, when you have a security incident or a potential security incident, Cisco XDR automatically prioritizes what we need to do first and gives us guided remediation steps. We can then use our AI-driven playbooks to automate those remediation steps, even when it involves a non-Cisco security tool.”
For the Cisco partner community, there are tremendous opportunities on the horizon for you and your business with Cisco XDR. Explore Cisco’s recent Partner XDR Virtual Summit on demand for a deep dive into the vision of Cisco XDR, partner discussions, and a product demo, giving you the knowledge and tools you need to take advantage of this new solution.
To learn more about the innovative Cisco XDR solution and its potential to ensure continuity after a cyberattack, head over to Cisco’s digital newsroom to read the latest article focused on Cisco XDR. Cisco is committed to making world-class security available to more organizations, and that’s only possible with incredible partners like Driven Technologies.
Go to Source