New coalition to fight cyber crime announced by Exabeam

Exabeam, the security analytics and automation company, has announced the XDR Alliance™, a partnership of cybersecurity and information technology innovators committed to an inclusive and collaborative extended detection and response (XDR) framework and architecture.

The goal of the XDR Alliance is to foster an open approach to XDR, which is essential to enable organisations everywhere to protect themselves against the growing number of cyber attacks, breaches, and intrusions.

Alongside Exabeam, founding members of the XDR Alliance include best-in-class cybersecurity leaders Armis, Expel, ExtraHop, Google Cloud Security, Mimecast, Netskope, and SentinelOne.

“History will look back and declare how well the cybersecurity industry succeeded in putting collaboration above competition to help protect our organisations and institutions,” said Gorka Sadowski, chief strategy officer at Exabeam and founder of the XDR Alliance. “We are at an inflection point with an extremely fragmented industry that requires all of us in the vendor community to come together to strengthen organisations’ SOCs. The XDR Alliance brings together the most forward-thinking names in cybersecurity and IT to collaborate on building an XDR framework that is open and will make it easier for security operations (SecOps) teams to protect and secure their organisations.”

The charter of the XDR Alliance is to define an open XDR framework and architecture that works for end users, help SecOps teams integrate and better align with new and evolving applications and technologies, ensure interoperability across the XDR security vendor solutions set, and collaborate on XDR market education and awareness.

The XDR Alliance has developed a three-tier model that focuses on the core components of the XDR technology stack:

  • Data sources / Control points – This refers to the security tooling that generates telemetry, logs and alerts, and that acts as control points for response.
  • XDR Engine – This tier is the engine that ingests all the collected data and performs broad threat detection, investigation, and response (TDIR) for SOC operations.
  • Content – This tier includes the pre-packaged content and workflows that allow security organisations to deliver on required use cases with maximum efficiency and automation.

XDR Alliance members represent the subcategories of SecOps, including security analytics, security information and event management (SIEM), endpoint, identity management, email, cloud, network, OT/IoT, threat detection, investigation and response (TDIR), and network detection and response (NDR), as well as managed security service providers (MSSPs), managed detection and response services (MDRs) and systems integrators (SIs).

“It’s encouraging to see best-in-class cybersecurity vendors come together to ultimately help the end users––many of them our joint customers––have a much improved SOC experience. Organisations have counted on all of our advanced SecOps and TDIR solutions to defend their organisations against one-off and groups of attackers, but now we’re dealing with heightened stakes like covert AI and automated attacks––it is time to unite,” said Michael DeCesare, CEO and president, Exabeam.

DeCesare concludes: “Congratulations to the whole team at Exabeam for creating and driving this initiative––it’s a critical alliance that over time will ensure ethical organisations around the world are many steps ahead of those who seek to take advantage of cyber vulnerabilities, often caused by our fragmented industry.”