The industry is awash in cybersecurity tools that focus on specific parts of the infrastructure. There’s EDR (endpoint detection and response) for endpoints, NDR (network detection and response) for network traffic and so on. Palo Alto Networks (@PaloAltoNtwks), Trend Micro (@TrendMicro) and LogRhythm (@LogRhythm) all talk about “XDR” (detection and response anywhere in the infrastructure) as a way to pull all of those disparate solutions together into one. @Ovum and @zkerravala have also published blogs on the idea of XDR.
We think XDR is a great idea and the future of security, too, but we think it should be a completely open solution that doesn’t require vendor lock-in, hence Open-XDR. Here are three characteristics that make Starlight’s Open-XDR platform a superior solution for cybersecurity across the infrastructure.
The Data – Collecting the Right Information
Data is the foundation of XDR. Without the right data, both basic forensics and advanced analytics through machine learning will be challenged. For example, is your EDR best of breed, so that it both provides your first-line defense and generates the right data for the XDR? As another example, are your regular firewall traffic logs (without adequate application metadata) enough for network detection and response?