What is the difference between EDR and XDR?

Identity & Access Management (IAM)Data Privacy & Protection
746 viewscircle icon2 Upvotescircle icon2 Comments
Sort by:
Director of IT in Software4 years ago

XDR usually adds a layer of automation to EDR.
We had EDR and when looking to upgrade to XDR one of the main selling features was that it can integrate with our NG firewalls, so you can build a rule when something is being blocked in the EDR it will create a firewall rule as well. It aggregate the data and adds data analytics and threat intelligence

Lightbulb on1
CIO in Manufacturing4 years ago

Based on the discussions I've had with multiple security companies, the X stands for "extended" and just means their own additional services they provide to customers. Rather than just the traditional monitoring, detection, and response, the additional services would include things like SOC 24x7, consulting, corporate incident response, threat hunting, etc..

Lightbulb on2

Content you might like

What strategies can organizations use to address the added compliance burden that comes with AI-enabled tools? How do you keep up with changes to both the vendor’s Terms of Service as well as various data privacy laws?

Read More Comments

When it comes to the vulnerability management process, where can current AI capabilities provide the most value? Have you had success with using AI-enabled tools specifically for deduplication, false positive reduction, prioritization, etc.?

Read More Comments

We're mandated to allocate IT costs to the service level, but this creates friction with Identity & Access Management (IAM). The issue: non-negotiable security costs (MFA, SSO, governance) often exceed the cost of low-value services they protect (e.g., internal portals), leading to business owner pushback. How have you addressed this "Low-Value Service Paradox"? Do you keep foundational SSO/basic provisioning as corporate overhead or allocate everything? Do you use risk- or value-weighted allocation to subsidize essential, low-cost services? Who owns the final decision on allocation formulas—Finance, CIO Council, or Security? Please share specific solutions and governance models that have made IAM cost allocation fair and sustainable.

Read More Comments

How is your company complying with CCPA's Do Not Sell My Personal Information requirement for your California users?

We configured our current consent manager to support Do Not Sell signals.19%

We built an internal tech solution to propagate Do Not Sell signals to relevant adtech platforms.43%

We use a different tool, in addition to our consent manager, to meet this requirement.16%

We are not doing anything, but know we need to find a solution.8%

We are not doing anything yet, and are purposely waiting until CPRA's Do Not Share requirement comes into effect in 2023.3%

We are not doing anything, and do not need to meet this requirement.10%

View Results

Which units of time do you use to measure speed of incident detection?

Seconds / minutes17%

Hours72%

Days / weeks10%

Other (specify in comments)

View Results