Use Case: XDR in a SOC
A well-implemented XDR platform gives the SOC team access to the tools and dashboards it needs to scope an incident quickly, so that response and remediation actions can be initiated. The platform should curate the necessary information from different point products such as SWG, SEG, CASB, DLP, EDR, SIEM, firewall, IDS/IPS, NDR, etc., so that the SOC analyst can quickly identify all the endpoints (remote, mobile, cloud, IoT devices) that have been part of the intrusion via different attack channels such as endpoint, network, email and cloud.