There is XDR and then there is CrowdStrike’s Falcon XDR. That’s according to
Zeki Turedi, CrowdStrike’s Chief Technical Officer. CrowdStrike is a security business which helps organisations stop cyber breaches.
So why is CrowdStrike’s Extended Detection Response (XDR) offering the best on the market? Turedi Explains:
“It’s all about what XDR stands for,” he says.
“Extending Detection Response makes sure we have access to all this vital telemetry – that’s data collected from multiple sources - across networks and are able to protect it from cyber-attack.
“If we think about the last two years we've gone through a pandemic and the way we work has completely changed. That means we've added a new technology, we have a hybrid workforce in the office or at home. This is the result of a whole digital transformation. Being ‘Cloud-First’ is the biggest strategy challenge for the majority of CIOs.”
So far, so good – right? “Correct,” says Turedi. “This seismic change has made organisations more agile and able to deliver products more effectively and be savvier with their customers, but from a security perspective this brings huge amounts of complexity.
“Brand-new architectures, new environments and new cloud organisations now need protection from cyber-attack across the board.”
This is where CrowdStrike Falcon XDR comes in.
“We also have to remember in the last two years the criminal cyber attacker has become a lot more effective and far more threatening,” says Turedi.
“The stakes are higher for organisations, especially on being targeted. The E-criminals. Are simply more sophisticated, Cybercrime is a lucrative business.”
Turedi says XDR is about actually solving all those problems but, more importantly, making sure we're solving the problems in the future.
‘The adversary is more sophisticated and more capable now, so the stakes are high. We need to respond as effectively and as quickly as possible. As an organisation you do not want to be the low hanging fruit – ripe for the picking by Cyber attackers.
“It’s not just about making sure what an attack does happen, we're aware of it and we can respond to it. You need feedback immediately; you need to continuously make sure that you're making life as hard as possible for the adversary.
This, according to Turedi, is the key to XDR. “It’s about being able to look at all the telemetry and pick out the right pieces of data.
“At the end of the day, combating an attack is about an analyst trying to understand what this actually means, so the quicker we can get the right judgement for the analyst the quicker, we can start making the response steps.”
It is all about harnessing what the analyst is identifying and using XDR to automate a response to a specific threat in the future so the analysts can move on to the next new threat and counter it”