Security operations demand massive scale to collect, process, analyze, and act upon massive amounts of data. Early XDR was anchored to two primary data sources: endpoints and networks. While this was an improvement on disconnected EDR and NDR tools, threat detection and response across enterprise organizations demands a wider aperture, including cloud workloads, threat intelligence feeds, SaaS applications, and identity and access management visibility. At the same time, in order to modernize security operations centers and keep up with the volume of security alerts, large organizations need advanced analytics to help automate tier-1 analyst tasks like triaging alerts, correlating alerts with IoCs, and preparing incidents for investigations.
This ESG eBook explores these trends. ESG surveyed 376 IT and cybersecurity professionals at organizations in North America (US and Canada) personally responsible for evaluating, purchasing, and utilizing threat detection and response security products and services.