This IDC Market Perspective discusses the unified extended detection and response (XDR) strategy announced by Cisco on the eve of the 2023 RSA Security Conference. XDR is a market that is simply dynamic. The following dynamics are currently in play:

- IDC believes there are cases to be made for XDR, SIEM, and MDR depending on what a business wants to achieve and how much of its cybersecurity responsibility it wants to share. Which technologies will gain market share going forward?
- If businesses choose XDR, will they gravitate toward a more proprietary XDR or will they prefer an open approach?
- How big will the XDR stack be? We somewhat caustically suggested that DLP, identity assurance, and DVM can possibly be technologies for integration into XDR. However, there is likely a point of diminishing returns where picking up capabilities compromises the tenets of fast detection and response.

Ultimately, Cisco needed this platform. The idea of multicloud and multiplatform threat detection and incident response by any other name is genuinely needed to detect, respond, mitigate, and remediate what potential adversaries can do.

"Cisco XDR will be a competitive solution out of the gate," observes Chris Kissel, research vice president in Security and Trust at IDC. "Cisco has made strides in converting visibility and cloud environments into actionable detections and response. This approach is ultimately correct in that most cyberattacks are fileless. Session data, user behaviors, and network detection and response create the proper context for tracking adversarial behavior."
Please Note: Extended description available upon request.