XDR Alliance releases open-source API specifications to improve cybersecurity for customers
The XDR Alliance released a new set of open-source API specifications that help leading cybersecurity vendors collaborate and integrate their technology solutions.
As a result, end user customer organizations worldwide can rationalize their disparate and previously siloed cybersecurity solutions, enabling them to more easily operationalize broader coverage for threat detection, investigation, and response (TDIR) use cases. Customers can extract more value from their existing technology tools and avoid proprietary approaches from portfolio vendors.
On average, today’s organizations have more than 31 security tools deployed. In order for security teams to work efficiently, it’s critical that these tools integrate seamlessly within organizational workflows. Open-source APIs facilitate communication between the solutions required for the most extensive and dependable security coverage.
“Despite the hype, there is no single technology company on the market that can do it all. Robust security coverage requires integration and collaboration among the best of the best cyber solutions, easily working together without obstacles,” said Gorka Sadowski, Founder, XDR Alliance and Chief Strategy Officer, Exabeam. “We hear customers loud and clear. They want to minimize vendors yet avoid vendor lock-in, and want best-of-breed without paying an integration tax. We have solved this conundrum and it’s at the core of our API announcement today.”
The new open-source API specifications are a follow-up to the XDR Alliance’s open-source Common Information Model (CIM), which provides the broader cybersecurity community with a common foundation for understanding, normalizing, getting deeper visibility into, and enriching data across technologies. The APIs have been developed in collaboration with member organizations earning domain expertise across endpoint, network, cloud, identity, email security, security analytics, security log management, SIEM, and more to provide the most in-depth security coverage for organizations.
“It’s critical that enterprises and governments globally prioritize cybersecurity, implementing robust and resilient programs that address the new extended attack surface that managed and unmanaged connected assets create,” said Nadir Izrael, CTO, Armis. “We’re proud to participate in the XDR Alliance to offer our expertise here, joining forces with our peers that bring unique insight in their respective areas. Collaborating more effectively to support end-user integration is essential to furthering the cybersecurity industry and protecting society from the malicious attacks of cybercriminals.”
“The Banyax mission is to provide world-class cybersecurity TDIR services for every organization in our geography. To do so, it’s critical for us to help our customers easily integrate all their tools,” said Carlos Alanis, CEO at Banyax. “We have already adopted these APIs to improve the operationalization of our services across our customer base and have seen the benefits firsthand.”
“As a leading SIEM and behavioral analytics platform provider, Exabeam connects the dots between all the disparate technologies deployed in organizations and integrates them to power TDIR use cases and outcomes for the simplest to the most demanding environments,” said Seth Spiel, Head of Product Application Platform, Exabeam. “These open-source API specifications enable easier, tighter, and more complete tool rationalization, and Exabeam is grateful for the collaboration of all XDR Alliance members in their support of this initiative.”
“In cybersecurity, the network is a key source of truth, shining a light on all traffic: malicious, mundane, and everything in between,” said Phil Shigo, VP, Business Development, ExtraHop. “It is important that the broader cybersecurity community is able to correlate robust network insights with a wide range of data sources – logs, endpoints, and more – to gain a greater understanding of how an attacker enters an environment and carries out their offense. The latest from the XDR Alliance is a key step to achieving this cohesion throughout the SOC, helping enterprises uncover cyberattacks before it’s too late.”
“Because email is a favorite delivery vector for adversaries, any cybersecurity strategy needs to include email security use cases in scope. Mimecast is committed to the open XDR approach to create a more cybersafe email experience for everyone,” said Jules Martin, VP Technology Alliances, Mimecast. “We are excited to have contributed to these API specifications available as open source, and look forward to seeing the benefits.”
“The modern workforce’s use of the cloud demands protection wherever users, apps, and data are located. Netskope is proud to have added its unique insights into cloud security to the XDR Alliance definitions of open-source API specifications for the benefit of our customers and the broader user community,” says Andy Horwitz, VP, Business Development and Technology Alliances at Netskope.
“ReliaQuest provides detection, investigation and response services for hundreds of organizations worldwide, and at-scale integrations between disparate tools is critical for us to provide effective offerings to our customers. We are excited to have contributed to the XDR Alliance’s open-source API specification which will help our users break down silos between their security solutions,” says Brian Foster, President of Product and Technical Operations at ReliaQuest.
In the past year, the XDR Alliance has welcomed Banyax, Deloitte, and ReliaQuest as new members to strengthen its presence in the MSSP/MDR market.