CrowdStrike

The largest vendor in EDR by market share, CrowdStrike expanded into XDR in the fall of 2021 and has been focusing heavily on the category since then. In fact, the company’s flagship Falcon EDR product is now offered under the XDR umbrella, as part of the CrowdStrike Falcon Insight XDR platform. The idea, according to the company, is that customers can “start with the endpoint and easily activate extended capabilities to unlock cross-domain detections, investigations and response.”

CrowdStrike has also taken a distinctive approach to making XDR possible for customers with its CrowdXDR Alliance, which consists of a group of major cybersecurity and software vendors that have agreed upon a standardized XDR schema for data-sharing between tools. The alliance enables partners and customers to tap into an integrated XDR solution where security data “all works the same” regardless of which vendor it’s from, according to Michael Sentonas (pictured), who was recently named president of CrowdStrike. For the purposes of using machine learning-driven analytics, “it all looks the same,” Sentonas said last year. “The language between all the vendors, if you will, is exactly the same.”

Along with major vendors such as Okta, Zscaler and Proofpoint, the CrowdXDR Alliance has grown to include a number of security vendors that also compete with CrowdStrike in the XDR sphere — such as Cisco and Fortinet. Additionally, in September 2022, CrowdStrike announced that Falcon Insight XDR should become even more useful as a “hybrid” XDR tool with the ability to support security data feeds from two major competitors, Microsoft and Palo Alto Networks, which are also top players in XDR.