VentureBeat continues to see CISOs and their security teams migrate from Endpoint Detection and Response to XDR for greater consolidation savings and a more unified view of all attack surfaces and potential threats.
XDR is riding a strong wave of support due to its ability to consolidate functions while limiting data movement, two high priorities for CISOs today.
XDR platforms vary in their unique approaches to AI and machine learning.
The majority of CISOs, 96%, plan to consolidate their security platforms, with 63% saying XDR is their top solution choice.
Leading XDR providers are doubling down on AI, generative AI and machine learning on their roadmaps to deliver more consolidation in less time.
CrowdStrike's move to use AI as a consolidation strategy in its XDR launch at Fal.Con 2022, followed by Palo Alto Networks and Zscaler, shows that selling consolidation pays.
XDR platforms' real-time availability of access, endpoint, email, network, and web-based app telemetry data is helping improve prediction accuracy.
The leading XDR vendors have been using endpoint data to train LLMs and further strengthen endpoint security.
Closing the growing gaps between identities and endpoint security is one of the challenging problems XDR providers are attempting to solve.
XDR platforms need AI/ML technologies to identify malware-free breach attempts while also looking for signals of attackers relying on legitimate system tools and living-off-the-land techniques to breach endpoints undetected.
Ten areas where AI has the greatest potential to strengthen XDR
XDR providers tell VentureBeat that their immediate architectural requirements are parsing an exponential increase in telemetry data, performing telemetry enrichment and mapping data to schema.
VentureBeat is seeing significant interest on the part of organizations adopting XDR for more real-time monitoring support and better accuracy when it comes to threat detection and response.
Automated Threat Response: Another high-priority design goal for XDR systems; all major XDR platform providers are either shipping this feature or have announced it.
AI-powered XDR platforms can automate initial responses to threats, such as isolating compromised endpoints or blocking suspicious network traffic, speeding up incident response times.
Leading XDR vendors, including CrowdStrike, are using endpoint data to train their LLMs, which is a state-of-the-art use case illustrating adaptive learning.
An area of competitive intensity between XDR platform providers, predictive analytics continues to become more intuitive and real-time.
Every XDR platform relies on them to forecast future attack trends and vulnerabilities.
AI's financial impact on XDR platforms is delivering short-term relief to the budgetary pains CISOs have regarding the pressure to consolidate their spending.
All leading XDR vendors want to cash in on the consolidation push CISOs, CIOs and boards want to see in cybersecurity spending.
The long-term effect will be that XDR platforms become exponentially better at predicting intrusions and identifying breaches.
This Cyber News was published on venturebeat.com. Publication date: Tue, 13 Feb 2024 22:43:04 +0000