Mimecast today announced it has joined Exabeam’s XDR Alliance as a founding member. The alliance is a partnership of leading cybersecurity industry innovators committed to an inclusive and collaborative extended detection and response (XDR) framework and architecture. The goal of the XDR Alliance is to foster an open approach to XDR which is essential to enable organizations everywhere to protect themselves against the growing number of cyberattacks, breaches, and intrusions.
“We are thrilled to be a founding member and inaugural email security partner in the XDR Alliance,” said Jules Martin, vice president ecosystem & alliances at Mimecast. “We see collaboration in security being essential in keeping our customers safe, and leveraging the members’ interconnected, best in class cybersecurity solutions, which allows joint customers to benefit greatly.”
Collaboration is at the core of Mimecast’s industry leading cyber resilience ecosystem, which includes Exabeam plus 60 other partners, and supports the open framework that are engineered to underpin threat sharing, control points and remediation capabilities which are fundamental to the modern enterprise. The integration among the XDR members is designed to allow organizations to gain greater insights into their threat landscape, reduce complexity, minimize risk and improve threat detection and response times.
The charter of the XDR Alliance is to define an inclusive and open XDR framework and architecture that enables SecOps teams to improve their SOC and their threat detection, investigation, and response (TDIR) by better integrating their current, evolving, and new tools and applications. The open framework will help ensure better interoperability across XDR security technologies resulting in shorter time to value and greater ease of use for security teams. The alliance will also foster collaboration on XDR market education and awareness.
The XDR Alliance has developed a three-tier model that focuses on the core components of the XDR technology stack, which can be broken down into three tiers:
● Data sources / Control points – This refers to the security tooling that generates telemetry, logs and alerts, and that act as control points for response.
● XDR Engine – This tier is the engine that ingests all the collected data and performs broad threat detection, investigation, and response (TDIR) for SOC operations.
● Content – This tier includes the pre-packaged content and workflows that allow security organizations to deliver on required use cases with maximum efficiency and automation.
XDR Alliance members represent the subcategories of SecOps including security analytics, security information and event management (SIEM), data lake, endpoint, identity management, email security and archive, cloud, network, OT/IoT as well as managed security service providers (MSSPs), Managed Detection and Response Services (MDRs) and Systems Integrators (SIs).
The founding members of the XDR Alliance encourage security vendors to participate in the alliance for the continuous improvement of threat detection, investigation, and response (TDIR) outcomes.