XDR (Extended Detection and Response)
What is XDR (Extended Detection and Response)?
XDR (Extended Detection and Response): a security platform that unifies telemetry from endpoint, network, identity, email and cloud sensors to deliver correlated detections and integrated response actions.
Extended Detection and Response (XDR) extends the EDR model beyond the endpoint by ingesting and correlating data from multiple security layers — endpoints, network, identity providers, cloud workloads, email and SaaS. A unified detection engine builds incidents (rather than isolated alerts) by linking indicators across vectors, and a single response surface allows analysts to isolate hosts, revoke tokens or block destinations from one console. XDR can be vendor-native (Microsoft Defender XDR, Palo Alto Cortex XDR, SentinelOne Singularity) or open/hybrid, and aims to reduce alert fatigue, shorten MTTR and minimize the integration burden of separate EDR, NDR and email-security products.
● Examples
- Microsoft Defender XDR correlating an Office 365 phishing click with an EDR alert on the same user's laptop.
- Cortex XDR linking a malicious PowerShell on an endpoint to lateral SMB traffic captured by network sensors.
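The correlation step described above, as an added example (not the page's or any vendor's code): a minimal engine that merges alerts from email, endpoint and network sensors into incidents whenever they share a user or host entity within a time window, run over constructed sample alerts that mirror the two examples; the field names and window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample alerts from three sensor layers (not real telemetry).
# Each alert carries the entities a correlator would pivot on: user and host.
ALERTS = [
    {"id": "a1", "source": "email",    "ts": "2024-05-01T09:00:00", "user": "alice", "host": None,        "desc": "phishing link clicked"},
    {"id": "a2", "source": "endpoint", "ts": "2024-05-01T09:04:00", "user": "alice", "host": "LAPTOP-07", "desc": "suspicious child process"},
    {"id": "a3", "source": "endpoint", "ts": "2024-05-01T11:30:00", "user": "bob",   "host": "WS-12",     "desc": "encoded PowerShell"},
    {"id": "a4", "source": "network",  "ts": "2024-05-01T11:33:00", "user": None,    "host": "WS-12",     "desc": "SMB to 8 internal hosts"},
    {"id": "a5", "source": "endpoint", "ts": "2024-05-02T08:00:00", "user": "carol", "host": "WS-30",     "desc": "unsigned driver load"},
]


def correlate(alerts, window=timedelta(minutes=30)):
    """Group alerts into incidents: an alert joins an existing incident when it
    shares at least one entity (user or host) with it and arrives within
    `window` of that incident's most recent alert; otherwise it opens a new one."""
    incidents = []
    for alert in sorted(alerts, key=lambda a: a["ts"]):
        ts = datetime.fromisoformat(alert["ts"])
        entities = {e for e in (alert["user"], alert["host"]) if e}
        for inc in incidents:
            if entities & inc["entities"] and ts - inc["last"] <= window:
                inc["alerts"].append(alert["id"])
                inc["entities"] |= entities        # pivot grows: user -> host -> ...
                inc["sources"].add(alert["source"])
                inc["last"] = ts
                break
        else:
            incidents.append({"alerts": [alert["id"]], "entities": set(entities),
                              "sources": {alert["source"]}, "last": ts})
    return incidents


def cross_layer(incidents):
    """Incidents evidenced by more than one sensor layer; these are the ones an
    XDR console surfaces first, ahead of single-source alerts."""
    return [inc for inc in incidents if len(inc["sources"]) > 1]


if __name__ == "__main__":
    for inc in cross_layer(correlate(ALERTS)):
        print(sorted(inc["sources"]), inc["alerts"], sorted(inc["entities"]))
```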
● Frequently asked questions
What is XDR (Extended Detection and Response)?
A security platform that unifies telemetry from endpoint, network, identity, email and cloud sensors to deliver correlated detections and integrated response actions. It belongs to the Defense & Operations category of cybersecurity.
What does XDR (Extended Detection and Response) mean?
A security platform that unifies telemetry from endpoint, network, identity, email and cloud sensors to deliver correlated detections and integrated response actions.
What are other names for XDR (Extended Detection and Response)?
Common alternative names include: Extended Detection and Response.