CF20: 2024's 20 Top XDR Providers You Should Know

Cisco, Palo Alto Networks and Sophos all made our list. See who else did and why.

Edward Gately, Senior News Editor

February 15, 2024

Extended detection and response (XDR) providers have massive growth opportunities ahead of them amid increasing interest in the technology.

XDR systems continually capture focused data and alerts from all the key systems connected to them; then, they feed this data into a centralized repository, cleaning and normalizing it. In addition to computers, mobile devices and IoT, XDR also draws on data feeds from email security systems, network analysis and visibility tools, identity and access management (IAM) platforms, cloud workload protection systems and elsewhere.

This is our third annual CF20 focusing on XDR providers. Analysts with Omdia, S&P Global Market Intelligence and Forrester weighed in on XDR market trends and what it takes to be a successful XDR provider.

Strong Market for XDR Providers

Elvia Finalle, senior security analyst at Omdia, which shares a parent company with Channel Futures (Informa), said we can expect the XDR market to come close to reaching $1 billion by the end of 2024 if security providers foster strategic business growth by continuing to invest in the technology, which Omdia believes they will.

“The market is made up of dozens of small vendors that are providing XDR solutions, rather than a small number of large vendors, which creates a considerable opportunity for future growth,” she said. “Many target specific verticals or other niche areas. At the same time, there are several established vendors also providing a form of XDR. These are the platform vendors or what Omdia refers to as comprehensive XDR. These established vendors are attempting to have a one-solution-to-fit-them-all approach.”

Past Acquisitions Most Impacting XDR Landscape

While the market landscape continues to evolve, it's been past acquisitions in the threat detection and incident response (TDIR) space, particularly related to endpoint detection and response (EDR), that have set the stage for today's XDR market landscape, Finalle said. Each vendor sees and builds XDR differently, bundling many different integrations together to create its own unique take on XDR.

“The threat landscape growth and innovation is an ongoing concern for organizations, but in Omdia's view unless an organization is targeted by a specific threat or type of threat, then it usually has minimal impact on specific purchasing decisions,” she said. “We have not observed a correlation between XDR and increasing regulation, either positive or negative. Omdia has seen increasing cost and complexity related to the acquisition of cyber insurance. As insurers become more sophisticated in cybersecurity, policies are expected to become more complex and more expensive, meaning fewer organizations will be able to afford it. As fewer enterprises are able to insure against risk, in response, more will need to invest in mitigating it. That means TDIR solutions like XDR may eventually benefit.”

Clients Looking For XDR With Built-In EDR Capabilities

Allie Mellen, security and risk analyst at Forrester, said as of this year, Forrester has retired the Forrester EDR Wave and replaced it with the Forrester XDR Wave.

“This signals the shift in the market to where clients are adopting and looking for XDR with EDR capabilities built in,” she said. “In addition to this, some clients are looking to see if XDR can replace or augment the security information and event management (SIEM) capabilities they have in house to reduce cost, and enable better investigation and response. To meet this demand, some vendors have acquired, developed or partnered for SIEM or SIEM-replacement capabilities in a separate, bundled offering to XDR. This opens up a much bigger portion of the market to XDR vendors than they had previously.”

SOC Teams Overwhelmed with Alerts

Scott Crawford, research director of information security at S&P Global Market Intelligence, said that, according to survey respondents, the average share of alerts a security operations center (SOC) team cannot respond to on a typical day exceeds 50%.

“This makes it clear that organizations are being overwhelmed by data volume, given the increasing proliferation of technologies across the board,” he said. “This also introduces increased potential for the role of automation − and ultimately, the promise of new innovations such as generative artificial intelligence (AI) − in helping security teams tackle this volume and complexity with more efficient response. We have seen generative AI make its initial impressions in SecOps technology in the past year, among strategic vendors and challengers alike, and will be watching the trend closely for how it shapes XDR and SecOps technology going forward. We have seen in addition the demand for managed detection and response (MDR) make a similar impact among cybersecurity service providers, adding expertise in these technologies with the functionality driving these markets.”

The capabilities XDR provides certainly are in high demand, Crawford said.

“Different vendors may characterize their threat detection and response capabilities differently, but the value of the capabilities for security teams is evident,” he said.

In the slideshow above, we've compiled a list of 20 top XDR providers based on analysts' feedback and recent news reports. It's in no particular order. The list, which is by no means complete, includes well-known providers, but it also features lesser-known providers making strides in XDR.

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
