Security provider Exabeam announced at Black Hat USA 2021 the formation of the XDR Alliance. The alliance consists of security and technology companies that are committed to creating an inclusive and collaborative extended detection and response (XDR) framework and architecture.
Other founding members of the XDR Alliance include Armis, Expel, ExtraHop, Google Cloud Security, Mimecast, Netskope, and SentinelOne. Members represent subcategories of SecOps, such as security analytics, security information and response management, endpoint, identity management, email, cloud, network, OT/IoT, network detection and response, and threat detection, investigation and response.
The alliance's charter specifies the following goals: defining an XDR framework that works for end users, helping security and operations teams integrate and align with evolving technologies, ensuring interoperability across XDR vendors, and collaborating on market education and awareness.
The XDR Alliance created a three-tier model for developing an XDR framework and architecture:
- Data sources and control points, which refer to security tools that generate telemetry, logs, and alerts and act as control points for response.
- XDR Engine, which ingests collected data and performs threat detection, investigation, and response for SOC operations.
- Content and workflows that allow security teams to deliver on required use cases with efficiency and automation.
“It’s encouraging to see best-in-class cybersecurity vendors come together to ultimately help the end users––many of them our joint customers––have a much improved SOC experience. Organizations have counted on all of our advanced SecOps and TDIR solutions to defend their organizations against one-off and groups of attackers, but now we’re dealing with heightened stakes like covert AI and automated attacks––it is time to unite,” said Michael DeCesare, CEO and president, Exabeam. “Congratulations to the whole team at Exabeam for creating and driving this initiative––it’s a critical alliance that over time will ensure ethical organizations around the world are many steps ahead of those who seek to take advantage of cyber vulnerabilities, often caused by our fragmented industry.”