Extended Detection and Response (XDR) is provided by the following parts of Kaspersky Industrial CyberSecurity for Networks functionality:
EDR incident information display when monitoring events to determine the status of detection processing and analyze threat evolution. The information is displayed as an activity graph and in a tabular format.
Event enrichment with information about applications that were running when event registration conditions occurred, information about users who started applications, and other information.
Managing response actions on devices with Endpoint Agent installed. Depending on action trigger conditions, you can turn on device network isolation, block executables and scripts from running, or quarantine files.
Using switch connectors to automatically block unauthorized devices from accessing the network.
To learn more about the functionality, watch the video posted on the ‘Kaspersky Tech’ YouTube channel. You can play the video on the Help page (see below) or follow the link https://www.youtube.com/watch?v=EsGIdX4oppM.