Security news aggregator

Latest coverage for XDR

XDR combines security data from endpoints, networks, email, and cloud systems to help detect and investigate attacks across an organization.

110 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Extended detection and response (XDR) combines security telemetry from domains such as endpoints, identity systems, email, networks, servers, and cloud workloads. It correlates related events into potential attack activity, helping analysts investigate a sequence of actions rather than isolated alerts. XDR platforms may also trigger responses such as isolating a host, disabling an account, or blocking a message, subject to configured policies and approvals.

XDR’s effectiveness depends on the quality and coverage of its integrations: missing telemetry, incompatible data, or poorly tuned detections can leave attack paths hidden or create excessive false positives. Automated response requires careful testing because an incorrect action can interrupt legitimate operations, while compromised XDR administration could provide broad control over connected systems. Centralized collection may also expose sensitive endpoint, identity, or communications data, so access controls, retention, and privacy requirements need review. Practitioners should assess telemetry coverage, detection logic, audit trails, and response playbooks rather than treating product integration alone as evidence of protection.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 110 Filtered view
Bank Info Security 2 months, 3 weeks ago

Why AI-Driven Arms Race Needs Better Threat Intelligence

TrendAI's Tom Kellermann on Defending Against Agentic Attacks, APT CollaborationAI-driven threats now operate with speed, scale and persistence. Defenders need expanded telemetry, a global research team and an advanced XDR platform to predict and suppress adversaries defenders, said Tom Kellermann, vice president of AI security and threat intelligence at TrendAI.

Bank Info Security 4 months, 4 weeks ago

Koi Purchase Bolsters Palo Alto's AI Attack Surface Defense

$300M Acquisition Strengthens Palo Alto Networks' XDR and AI Governance PlatformPalo Alto Networks plans to acquire Koi Security for $300 million to address growing AI-driven endpoint risks. The startup's technology adds deep visibility into AI agents plug-ins and nonbinary code, enhancing Cortex XDR and Prisma AIRS as enterprises confront a growing unmanaged AI attack surface.

As Innovation Sandbox Turns 21, AI-Based Solutions Dominate Annual ContestNext month in San Francisco, the Innovation Sandbox at RSAC Conference will celebrate its 21st year of choosing key emerging solutions in cybersecurity. Past winners and finalists range from EDR and XDR giant SentinelOne in 2014 to cloud security phenom Wiz in 2021.

How network-led Cisco XDR helps teams see threats clearly and respond faster Sponsored Post Security teams are being asked to do more with less, while the environments they protect continue to grow in size and complexity. Alerts arrive from dozens of tools, each offering a partial view of risk. The real challenge is no longer finding potential threats, but deciding which ones matter and how quickly to act.…

From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context

Also: Continued Turmoil at CISA, MSSP Level Blue's Acquisition of CybereasonIn this week's panel, four ISMG editors discussed the FBI's takedown of Scattered Lapsus$ Hunters, turmoil inside CISA amid the U.S. federal government shutdown and how LevelBlue's acquisition of Cybereason signals big shifts in the XDR and MDR markets.

Cybereason Deal Bolsters LevelBlue's XDR, DFIR and Global Incident Response ReachLevelBlue is acquiring Cybereason to enhance its extended detection and response, digital forensics, and global threat intelligence capabilities. The move brings top talent, expands the firm's footprint in Japan and follows LevelBlue's acquisitions of Aon and MDR provider Trustwave.

Deal Expands Native Email Security and Response Workflows for MDR and MSP ClientsBitdefender’s acquisition of Irish startup Mesh adds native email protection to its XDR and MDR portfolios. Mesh’s dual-mode defense and MSP-friendly design provide deeper visibility, faster remediation and enhanced threat response across hybrid environments.

The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution bug was disclosed.…

Bank Info Security 1 year, 1 month ago

Cybersecurity Firm SentinelOne Suffers Major Outage

After Hours-Long Disruption, XDR Vendor Promises Full Root Cause Analysis of OutageCybersecurity vendor SentinelOne suffered a major, global outage for about six hours on Thursday that disrupted its monitoring of managed response service customers' endpoints and networks, interrupted software updates and kept administrators from accessing consoles for troubleshooting purposes.

Loading more headlines...