A shield deflecting a laser ray
Illustration: Christopher T. Fong/Protocol

XDR? Oh yeah, we do XDR

Protocol Enterprise

Today: why the hype around XDR might be outpacing the cybersecurity industry’s product-development pipelines, how Walmart built its own hybrid cloud software and where the AI recruiters go marchin’ in.

The XDR hype train

In the world of cybersecurity, here's a strong candidate for the top buzzword of the moment: XDR. The term, which stands for "extended detection and response," has huge potential for improving the state of security.

If only the industry could agree what it really means.

  • "I firmly believe it's one of the most misused or abused terms in the industry," CrowdStrike CTO Michael Sentonas told me.
  • XDR holds that security is most effective when all the data from across a customer’s IT environment can be correlated and analyzed together as a whole.
  • It aims to accomplish this feat by bringing together all of a customer's systems and cybersecurity tools into a unified, integrated platform.
  • Many of the biggest players in the industry — including Microsoft, CrowdStrike and Palo Alto Networks — are moving aggressively to offer an XDR platform (I counted 34 such platforms in total).

Coined by Palo Alto Networks founder Nir Zuk in 2018, XDR originally involved pulling together data from a single vendor's tools.

  • But many vendors now offer XDRs that leverage data from third-party tools, in what is known as "open" XDR. Proponents claim this approach offers more flexibility to customers, since they can tap into their existing security investments.
  • The industry analysts I spoke with were hesitant to say that open XDR is superior to a fully first-party platform, known as "native" XDR.
  • High-value detections are often available with native XDR, since the vendors “know and understand everything in the environment," Forrester Analyst Allie Mellen said.

In addition to “native” and “open” platforms, there's a third XDR category to be aware of: the fakers.

  • Gartner recently warned that by next year, nearly a third of security information and event management (SIEM) and endpoint detection and response (EDR) providers "will claim to provide XDR, despite them lacking core XDR functionality."
  • Ultimately, with XDR, "the buzz is outpacing the market," said Query.AI Co-founder Andrew Maloney. "Now every big player claims an XDR capability, whether they have it or not."

Read the full story here.

— Kyle Alspach (email | twitter)

SPONSORED CONTENT FROM SAP

The competitive edge of digital solutions

For the last 50 years, SAP has worked closely with our customers to solve some of the world’s most intricate problems. We have also seen, and have been a part of, rapid accelerations in technology in response. Across industries, certain paths have emerged to help businesses manage the unexpected challenges over the last few years.

Click here to read more from SAP

Everyday hybrid cloud computing

Walmart shared an interesting cloud computing milestone on Thursday when it unveiled its new hybrid architecture courtesy of an abstraction layer that it developed to seamlessly move between its two public clouds – Microsoft Azure and Google Cloud Platform – and its own private clouds.

“This ‘Triplet Model,’ as we call it, is innovative and powerful, both by design and deployment,” Suresh Kumar, Walmart’s global chief technology and development officer, said in a post on LinkedIn. “By pairing public clouds with our Walmart private clouds via a regional cloud model across the U.S. (West, Central and East), we’re enabling 10,000 edge cloud nodes at our facilities and bringing computational power and data closer to our customers and associates.”

In addition to the cloud abstraction layer, Walmart Cloud Native Platform, the new architecture is enabled by custom-built infrastructure that includes traffic management to enable intelligent routing and OneOps, Walmart’s open-source cloud management platform.

The culmination of a multiyear project, the new platform increased application performance and lowered latency, and it offers more capacity to react to peak customer demand during the holiday shopping season, for example, or when it cuts prices on in-demand products. It gives Walmart improved resiliency and disaster recovery capabilities, while reducing its cloud costs by 10% to 18% annually, according to Kumar, who worked at Google, Microsoft, Amazon and IBM prior to joining Walmart.

“[T]hrough our Walmart cloud platform, we can make 170,000 adjustments to our website backend every month, a 1,700X increase over what we were capable of previously,” he said. “This means we can launch new experiences such as the ability to schedule a vaccine appointment at thousands of Walmart pharmacies faster and more seamlessly than ever.”

Global tech is the fastest growing team at Walmart, the company said in March, when it announced plans for 5,000 new tech hires and a pair of tech hubs in Atlanta and Toronto.

— Donna Goodison (email | twitter)

Amazon Astro vs. the Tesla Cybertruck

Amazon has lots of AI internships to fill — and a lot of competition from Google, Microsoft, Tesla, Toyota and a slew of small startups.

But they all knew where to find candidates this week: New Orleans. That’s where young academics from across Asia, Europe and the U.S. swarmed inside the overly air-conditioned halls of the Computer Vision and Pattern Recognition Conference (CVPR).

CVPR was where anyone serious about getting a gig in computer vision was this week (even a particularly ambitious high schooler I met). Hundreds of them posted illustrative explanations of their research on large display boards, attended wonky discussions about deep learning architecture and milled around an expo center where a RoboCop-ian Tesla Cybertruck was on display.

Amazon didn’t dangle any toys quite as enticing as a Cybertruck. But a recruiter at the company’s booth did show off some video of Astro, its home-monitoring robot that potential AI recruits might be able to work on someday.

The company also held workshops focused on its Amazon Go computer vision tech for shopper tracking in physical stores and object recognition in the metaverse.

“We are looking for PhD and Master’s students who can go beyond the coding of engineers and dive deep into research investigations as scientists,” noted a flyer at the Amazon booth promoting its 14- to 16-week internships.

People chosen for Amazon’s 2023 science internships will join more than 8,000 interns around the world – what the company said will be its “largest intern class to date.”

— Kate Kaye (email | twitter)

Around the enterprise

Zendesk was acquired by several different private equity firms for $10.2 billion after a tumultuous year highlighted by a shareholder revolt over its attempt to buy Momentive and its decision to decline a $17 billion private-equity offer.

The Log4Shell vulnerability remains a problem six months after it was first identified, according to a CISA warning that unpatched servers are being compromised.

SPONSORED CONTENT FROM SAP

The competitive edge of digital solutions

When companies invest in maintaining their “green ledger” with the same commitment they have to their financial ledgers, they will be able to connect their environmental, social, and financial data holistically so they can steer their business towards sustainability. At the end of the day, what gets measured, gets managed.

Click here to read more from SAP

Thanks for reading — see you Monday!

Recent Issues

The new doublespeak