BLACK HAT, LAS VEGAS and FOSTER CITY, Calif.: The XDR Alliance has announced the release of a new set of open-source API specifications that help leading cybersecurity vendors collaborate and more easily integrate their advanced technology solutions. As a result, end-user customer organisations worldwide can rationalise their disparate and previously siloed cybersecurity solutions, enabling them to more easily operationalise broader coverage for threat detection, investigation, and response (TDIR) use cases. Customers can extract more value from their existing technology tools and avoid proprietary approaches from portfolio vendors.
On average, today’s organisations have more than 31 security tools deployed. In order for security teams to work efficiently, it’s critical that these tools integrate seamlessly within organisational workflows. Open-source APIs facilitate communication between the solutions required for the most extensive and dependable security coverage.
“Despite the hype, there is no single technology company on the market that can do it all. Robust security coverage requires integration and collaboration among the best of the best cyber solutions, easily working together without obstacles,” said Gorka Sadowski, Founder, XDR Alliance and Chief Strategy Officer, Exabeam. “We hear customers loud and clear. They want to minimise vendors yet avoid vendor lock-in, and want best-of-breed without paying an integration tax. We have solved this conundrum and it’s at the core of our API announcement today.”
The new open-source API specifications are a follow-up to the XDR Alliance’s open-source Common Information Model (CIM), which provides the broader cybersecurity community with a common foundation for understanding, normalising, getting deeper visibility into, and enriching data across technologies. The APIs have been developed in collaboration with member organisations with domain expertise across endpoint, network, cloud, identity, email security, security analytics, security log management, SIEM, and more to provide the most in-depth security coverage for organisations.
XDR Alliance Member
Armis
“It's critical that enterprises and governments globally prioritise cybersecurity, implementing robust and resilient programs that address the new extended attack surface that managed and unmanaged connected assets create,” said Nadir Izrael, CTO and Co-Founder, Armis. “We're proud to participate in the XDR Alliance to offer our expertise here, joining forces with our peers that bring unique insight in their respective areas. Collaborating more effectively to support end-user integration is essential to furthering the cybersecurity industry and protecting society from the malicious attacks of cybercriminals.”
Banyax
“The Banyax mission is to provide world-class cybersecurity TDIR services for every organisation in our geography. To do so, it’s critical for us to help our customers easily integrate all their tools,” said Carlos Alanis, CEO and Co-Founder at Banyax. “We have already adopted these APIs to improve the operationalisation of our services across our customer base and have seen the benefits firsthand.”
Exabeam
“As a leading SIEM and behavioural analytics platform provider, Exabeam connects the dots between all the disparate technologies deployed in organisations and integrates them to power TDIR use cases and outcomes for the simplest to the most demanding environments,” said Seth Spiel, Head of Product Application Platform, Exabeam. “These open-source API specifications enable easier, tighter, and more complete tool rationalisation, and Exabeam is grateful for the collaboration of all XDR Alliance members in their support of this initiative.”
ExtraHop
“In cybersecurity, the network is a key source of truth, shining a light on all traffic: malicious, mundane, and everything in between,” said Phil Shigo, Vice President, Business Development, ExtraHop. “It is important that the broader cybersecurity community is able to correlate robust network insights with a wide range of data sources - logs, endpoints, and more - to gain a greater understanding of how an attacker enters an environment and carries out their offense. The latest from the XDR Alliance is a key step to achieving this cohesion throughout the SOC, helping enterprises uncover cyberattacks before it's too late.”
Mimecast
“Because email is a favourite delivery vector for adversaries, any cybersecurity strategy needs to include email security use cases in scope. Mimecast is committed to the open XDR approach to create a more cybersafe email experience for everyone,” said Jules Martin, Vice President Technology Alliances, Mimecast. “We are excited to have contributed to these API specifications available as open source, and look forward to seeing the benefits.”
Netskope
“The modern workforce's use of the cloud demands protection wherever users, apps, and data are located. Netskope is proud to have added its unique insights into cloud security to the XDR Alliance definitions of open-source API specifications for the benefit of our customers and the broader user community,” says Andy Horwitz, Vice President, Business Development and Technology Alliances at Netskope.
ReliaQuest
“ReliaQuest provides detection, investigation and response services for hundreds of organisations worldwide, and at-scale integrations between disparate tools are critical for us to provide effective offerings to our customers. We are excited to have contributed to the XDR Alliance’s open-source API specification which will help our users break down silos between their security solutions,” says Brian Foster, President of Product and Technical Operations at ReliaQuest.