Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
176
Views
0
Helpful
1
Replies

Does XDR replace SIEM and SOAR?

Meddane
VIP
VIP

‎04-24-2024 03:17 AM - edited ‎04-24-2024 03:17 AM

Extended Detection and Response (XDR) - Versus - Security information and event management (SIEM).

After the acquisition of Splunk as a SIEM and the launch of Cisco XDR, which one is better for detection and response?

Capture d'écran 2024-04-24 110443.png

 

0 Helpful
1 Reply 1

Ken Stieers
VIP
VIP

‎04-24-2024 04:33 AM

XDR isn't a SEIM... you aren't going to send all of the Windows logs, switch logs, etc. to XDR.

And you can't do your own raw searches into the data, nor can you write your own correlation rules across all of it.

The Automation engine could replace a SOAR, especially of you have mostly Cisco security tools, or the ones they're supporting direct integrations with.


0 Helpful
Customers Also Viewed These Support Documents