Skip to content
XDR Forensics Knowledge Base

Can I use XDR Forensics with EDR/XDR Products?

The level of forensic information XDR Forensics provides is the biggest differentiator that separates it from the rest of the crowd. This fact makes XDR Forensics a perfect candidate for using it side-by-side with an EDR/XDR product.

Here are some EDR/XDR use-case examples:

  • Eliminating false positives by providing analysts with XDR Forensics reports,
  • Investigating pre-cursors,
  • Enriching an alert,
  • Responding to EDR/XDR alerts automatically.

If you use an EDR/XDR or EPP software along with Splunk, check our exclusion/exception rules page.