Hunters: XDR threat targeting above security alert data

An Intellyx Brain Candy Brief

Analysts and pundits coined a security space called XDR (eXtended detection and response). While I believe that XDR is a transitional term at best, it does reflect the real complexity of detecting threats and responding to an ever-expanding attack surface using a host of toolsets and data sources that are in constant flux.

Hunters XDR is a pure-play vendor in this nascent market, offering an analytics and response overlay to correlate telemetry and alerts from SIEM, IAM, SOAR and UEBA platforms with cloud-native first principles in mind.

This matters because, while many network and endpoint detection and remediation tools respond quickly to alerts that match known MITRE ATT&CK patterns within their own purviews, they may fail to notice the ‘low and slow’ infiltration of a modern attack that spans user credentials, deployment configurations and data warehouses, for instance: each tool sees one unremarkable event, and none sees the chain.

Given that most companies cannot afford to scale security staff at the same rate as they are already scaling their complex hybrid IT application infrastructures, the ability to raise a periscope above the sea of logs and alert data, in the form of a graph that links the security ‘golden signals’ by the entities they share, may bring threat hunters within range of their most elusive targets.


©2021 Intellyx LLC. At the time of writing, Hunters is not an Intellyx customer. Want to see more BrainCandy? Subscribe today. If you are a vendor seeking coverage from Intellyx, please contact us at PR@intellyx.com


Principal Analyst & CMO, Intellyx. Twitter: @bluefug