catscrdl closed 1 year ago
Since Substation is a modular toolkit and not a bespoke solution, it already supports XDR use cases. If anyone wants to attempt this, then they should start here. If you manage to build your own XDR, then you should let us know how it works in the Discussion forum. Good luck! 🤖
Dear Maintainers,
I am writing to request that Substation, the cloud native data pipeline and transformation toolkit written in Go, be updated to support XDR (Extended Detection and Response). XDR is a new approach to cybersecurity that combines multiple security technologies, including EDR, NDR, and SIEM, to provide a comprehensive view of the entire threat landscape and enable faster and more effective threat detection and response.
As a tool designed to manage and transform data in cloud environments, Substation has the potential to greatly enhance the security of these environments by incorporating XDR capabilities. By enabling data exchange and interoperability with other security systems and tools, Substation can provide users with a unified, holistic view of their entire security posture and enable them to respond to threats more quickly and effectively.
I believe that adding XDR support to Substation would be a valuable addition to the tool and a significant asset to the security community. If there are any plans to implement this feature in the future, I would be interested in contributing to the effort.
Thank you for considering this request.