A lot is happening in the XDR space. For those who don’t know the history, the XDR market started as a space for centralizing security data, known as Security Information and Event Management (SIEM). As the need arose to automate and take action on events, the Security Orchestration, Automation and Response (SOAR) market appeared. Meanwhile, the endpoint detection and response (EDR) vendors started expanding beyond the endpoint, essentially doing work similar to SIEM/SOAR, which created the extended EDR, aka XDR, market. Today, everybody just calls all of these capabilities XDR.
Big players in the security world are making moves to enhance their XDR capabilities. Splunk was recently acquired by Cisco. Note that Splunk was originally a SIEM but later acquired Phantom to add SOAR capabilities. Palo Alto is acquiring IBM QRadar. Note that IBM’s SIEM is QRadar and its SOAR is Resilient. LogRhythm and Exabeam are competing XDR platforms, which are now merging. All of these are very popular XDR offerings and will likely change as a result of these acquisitions and mergers. All of the announcements justify these moves as a means to centralize data for AI capabilities.
Learn more about the Palo Alto news HERE
Learn more about the LogRhythm and Exabeam news HERE