Security news aggregator

Latest coverage for XDR

XDR combines security data from endpoints, networks, email, and cloud systems to help detect and investigate attacks across an organization.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Extended detection and response (XDR) combines security telemetry from domains such as endpoints, identity systems, email, networks, servers, and cloud workloads. It correlates related events into potential attack activity, helping analysts investigate a sequence of actions rather than isolated alerts. XDR platforms may also trigger responses such as isolating a host, disabling an account, or blocking a message, subject to configured policies and approvals.

XDR’s effectiveness depends on the quality and coverage of its integrations: missing telemetry, incompatible data, or poorly tuned detections can leave attack paths hidden or create excessive false positives. Automated response requires careful testing because an incorrect action can interrupt legitimate operations, while compromised XDR administration could provide broad control over connected systems. Centralized collection may also expose sensitive endpoint, identity, or communications data, so access controls, retention, and privacy requirements need review. Practitioners should assess telemetry coverage, detection logic, audit trails, and response playbooks rather than treating product integration alone as evidence of protection.

Showing 1 most recent headlines Filtered view

Breaches don't just happen to large enterprises. Threat actors are increasingly targeting small businesses. In fact, 43% of data breaches involved small to medium-sized businesses. But there is a glaring discrepancy. Larger businesses typically have the budget to keep their lights on if they are breached. Most small businesses (83%), however, don't have the financial resources to recover if they