Assessing XDR Past, Present, and Future: The RSA Security Conference 2022 Matures the Perspective

Assessing XDR Past, Present, and Future: The RSA Security Conference 2022 Matures the Perspective

This IDC Market Perspective discusses key takeaways from the 2022 RSA Security Conference. Nir Zuk presented a thought-provoking keynote at the 2022 RSA Security Conference. The most important elements of his speech were that security operations center (SOC) tech needs to be rebuilt from scratch to bring autonomy; but it does have to function with the idea of no people in mind. Second, there is an AI/ML level of analytics that bridges alerts and automated response. However, to get there, in the initial stages, AI must learn from people.In some ways, the self-automated SOC puts the cart before the horse. Currently, extended detection and response (XDR) is being developed as a super cybersecurity stack. For all of its promise, if XDR is a song, we are still at the mixing phase. We know the chorus, the melodies, and even the lyrics, but the hooks and the flourishes that fashion the auditory experience of the songs are still unraveling in the studio."The security operations center is the soul of a company's cybersecurity posture and its detection and response capabilities," notes Chris Kissel, research vice president, Cloud-Native XDR and Tier 2 SOC Analytics at IDC. "SOC tactics and tools are constantly evolving, and if ever there was an opportunity to reconcile the imperfections of detection and response platforms of the past, XDR is it."

Please Note: Extended description available upon request.