Mimecast has announced it has joined Exabeam’s XDR Alliance as a founding member. The alliance is a partnership of leading cybersecurity industry innovators committed to an inclusive and collaborative extended detection and response (XDR) framework and architecture. The goal of the XDR Alliance is to foster an open approach to XDR, which is essential to enable organizations everywhere to protect themselves against the growing number of cyberattacks, breaches, and intrusions.
“We are thrilled to be a founding member and inaugural email security partner in the XDR Alliance,” said Jules Martin, vice president of ecosystem and alliances at Mimecast. “We see collaboration in security being essential in keeping our customers safe, and leveraging the members’ interconnected, best in class cybersecurity solutions, which allows joint customers to benefit greatly.”
Collaboration is at the core of Mimecast’s industry-leading cyber resilience ecosystem, which includes Exabeam plus 60 other partners, and supports the open framework that is engineered to underpin threat sharing, control points, and remediation capabilities which are fundamental to the modern enterprise. The integration among the XDR members is designed to allow organizations to gain greater insights into their threat landscape, reduce complexity, minimize risk and improve threat detection and response times.
“History will look back and declare how well the cybersecurity industry succeeded in putting collaboration above the competition to help protect our organizations and institutions,” said Gorka Sadowski, chief strategy officer, Exabeam and founder of the XDR Alliance. “We are at an inflection point with an extremely fragmented industry that requires all of us in the vendor community to come together to strengthen organizations’ SOCs. The XDR Alliance brings together the most forward-thinking names in cybersecurity to collaborate on building an XDR framework that is open and will make it easier for security operations (SecOps) teams to protect and secure their organizations.”
The charter of the XDR Alliance is to define an inclusive and open XDR framework and architecture that enables SecOps teams to improve their SOC and their threat detection, investigation, and response (TDIR) by better integrating their current, evolving, and new tools and applications. The open framework will help ensure better interoperability across XDR security technologies resulting in shorter time to value and greater ease of use for security teams. The alliance will also foster collaboration on XDR market education and awareness.
The XDR Alliance has developed a model that breaks the core components of the XDR technology stack down into three tiers:
- Data sources / Control points – This tier is the security tooling that generates telemetry, logs and alerts, and that acts as control points for a response.
- XDR Engine – This tier is the engine that ingests all the collected data and performs broad threat detection, investigation, and response (TDIR) for SOC operations.
- Content – This tier includes the pre-packaged content and workflows that allow security organizations to deliver on required use cases with maximum efficiency and automation.
XDR Alliance members represent the subcategories of SecOps, including security analytics, security information and event management (SIEM), data lake, endpoint, identity management, email security and archive, cloud, network, and OT/IoT, as well as managed security service providers (MSSPs), managed detection and response services (MDRs) and systems integrators (SIs).