User Activity

About 2 years ago
XDR as a solution is still evolving and means different things to different organizations. Each vendor has a different spin on XDR as they try to win the market and enterprises struggle to figure out what XDR includes and doesn't. I try to take a simpler approach as XDR…
Over 2 years ago
Both @Janet Staver and @ITSecuri7cfd are spot on. As a security vendor, like ITSecuri7cfd points out, one tool is for the endpoint and one tool is for the network side. If you are looking for an EDR tool, you should look to compare solutions from Carbon Black, Crowdstrike…
Over 2 years ago
NDR and SIEM are two different types of tools used by security professionals. You don't need a SIEM to run an NDR solution or vice versa. Larger organizations or mature organizations tend to have both in addition to other tools like EDR and SOAR. Today's NDRs are…
Over 3 years ago
1. Visibility, ability to provide deep insight into all of the network traffic. 2. Analytic engines, the ability to use multiple detection engines like ML-based, Zeek, Suricata, etc. 3. Scale, ability to address policy requirements for N/S and E/W deployments on-prem or in…
Almost 4 years ago
Corelight is a Zeek-based solution for network behavior analysis and Vectra AI is a User Behavior-based solution. If you are comparing these 2 systems you are comparing apples to oranges. You shouldn't be evaluating these products against each other as they address…
Almost 4 years ago
I find this question very interesting. We, Bricata, provide an IDS solution that when purchased one of the many deployment strategies is to put it right behind the "Tier 1" NGFW/IDPS solutions in the market. I believe this is due to the fact that we provide detailed…

Answers

About 2 years ago
Security Information and Event Management (SIEM)
Over 2 years ago
Endpoint Protection Platform (EPP)
Over 2 years ago
Security Information and Event Management (SIEM)
Almost 4 years ago
Intrusion Detection and Prevention Software (IDPS)
Almost 4 years ago
Intrusion Detection and Prevention Software (IDPS)