FireEye XDR Blends Endpoint, Network, Email and Cloud Security
FireEye is the latest cybersecurity technology company to launch an XDR (eXtended Detection and Response) platform for enterprise and mid-market security operations teams.
The official FireEye XDR announcement did not mention potential MSP and MSSP partner use cases. Still, XDR is a market segment that thousands of MSPs and MSSPs are either exploring or diving into as a way to gain deeper, more expansive cyber visibility.
The FireEye XDR Platform is available today and includes FireEye Helix and any combination of FireEye products including Endpoint, Network, Email, and Cloud delivered via cloud subscription licenses with per user or by data consumption options, the company says.
The FireEye Helix platform provides security incident and event management (SIEM), security orchestration, automation and response (SOAR), and correlation capabilities, the company added. Moreover, Mandiant feeds threat intelligence into the system. (Mandiant is selling off the FireEye business, but the two companies will remain partners.)
FireEye XDR: What’s Coming Next
It sounds like the overall FireEye XDR product strategy is a work in progress. The company plans to introduce new FireEye XDR platform capabilities “over the next few quarters,” according to the announcement. Forthcoming capabilities, the company says, will include:
- Enhanced endpoint cloud capabilities;
- FireEye Helix upgraded dashboards and threat graphing capabilities;
- additional support for third-party security tools; and
- continued integration with the Mandiant Advantage platform.
In a prepared statement about the launch, FireEye Executive VP of Products Bryan Palma said:
“Our superior knowledge of threats and the adversary is unmatched. Hands down, I believe we manage the best XDR platform in business by integrating threat intelligence into an advanced detection engine which is delivered centrally and extensibly via the cloud. Our XDR platform translates insight to action across more than 600 security technologies. FireEye XDR furthers our mission to relentlessly protect our customers.”
Palma joined FireEye in January 2021. His background includes enterprise technology, end-customer and channel experience. He is a TPx Communications board member, and previously held key technology and cybersecurity posts at BlackBerry, Boeing, Cisco Systems, Electronic Data Systems, PepsiCo and the U.S. Secret Service.
XDR Market Forecast, Competition and MSSP Considerations
The global XDR market was $505 million in 2020, and is expected to generate at a 19.9 percent compound annual growth rate (CAGR) from 2021 to 2028, according to Grand View Research.
Amid that potential growth opportunity, FireEye faces intense competition in the XDR market. Indeed, dozens of endpoint, network, cloud and SIEM security companies have been extending their existing software toward XDR capabilities. Moreover, well-funded startups are launching XDR software platforms.
MSP- and MSSP-friendly security companies touting XDR developments include BlackBerry, Cisco Systems, Cybereason, Fortinet, Huntress, Netsurion, SentinelOne, Sophos, Stellar Cyber and WatchGuard, among many others.
Among the questions MSPs and MSSPs must consider as they evaluate XDR strategies: Who is actually going to manage XDR’s response services — the software company, the service provider or a combination of companies?