How AI is strengthening XDR to consolidate tech stacks

VentureBeat continues to see CISOs and their security teams migrate from Endpoint Detection and Response to XDR for greater consolidation savings and a more unified view of all attack surfaces and potential threats.
XDR is riding a strong wave of support due to its ability to consolidate functions while limiting data movement, two high priorities for CISOs today.
XDR platforms vary in their unique approaches to AI and machine learning.
The majority of CISOs, 96%, plan to consolidate their security platforms, with 63% saying XDR is their top solution choice.
Leading XDR providers are doubling down on AI, generative AI and machine learning on their roadmaps to deliver more consolidation in less time.
CrowdStrike's move to use AI as a consolidation strategy in its XDR launch at Fal.Con 2022, followed by Palo Alto Networks and Zscaler, shows that selling consolidation pays.
XDR platforms' real-time availability of access, endpoint, email, network, and web-based app telemetry data is helping improve prediction accuracy.
The leading XDR vendors have been using endpoint data to train LLMs and further strengthen endpoint security.
Closing the growing gaps between identities and endpoint security is one of the challenging problems XDR providers are attempting to solve.
XDR platforms need AI/ML technologies to identify malware-free breach attempts while also looking for signals of attackers relying on legitimate system tools and living-off-the-land techniques to breach endpoints undetected.
Ten areas where AI has the greatest potential to strengthen XDR
XDR providers tell VentureBeat that the challenges of parsing an exponential increase in telemetry data, performing telemetry enrichment and mapping data to schema are their immediate architectural requirements.
VentureBeat is seeing significant interest on the part of organizations adopting XDR for more real-time monitoring support and better accuracy when it comes to threat detection and response.
Automated Threat Response: This is another high-priority design goal for XDR systems; all major XDR platform providers either are shipping this feature or have announced it.
AI-powered XDR platforms can automate initial responses to threats, such as isolating compromised endpoints or blocking suspicious network traffic, speeding up incident response times.
Leading XDR vendors, including CrowdStrike, are using endpoint data to train their LLMs, which is a state-of-the-art use case illustrating adaptive learning.
An area of competitive intensity between XDR platform providers, predictive analytics continues to become more intuitive and real-time.
Every XDR platform relies on predictive analytics to forecast future attack trends and vulnerabilities.
AI's financial impact on XDR platforms is delivering short-term relief to the budgetary pains CISOs have regarding the pressure to consolidate their spending.
All leading XDR vendors want to cash in on the consolidation push CISOs, CIOs and boards want to see in cybersecurity spending.
The long-term effect will be that XDR platforms become exponentially better at predicting intrusions and identifying breaches.


This Cyber News was published on venturebeat.com. Publication date: Tue, 13 Feb 2024 22:43:04 +0000

