Extended Detection and Response (XDR) is provided by the following parts of the Kaspersky Industrial CyberSecurity for Networks functionality:
EDR incident information display when monitoring events to determine the status of detection processing and analyze threat evolution. The information is displayed as an activity graph and in a tabular format.
Event enrichment with information about applications that were running when event registration conditions occurred, information about users who started applications, and other information.
Managing response actions on devices with Endpoint Agent installed. Depending on action trigger conditions, you can turn on device network isolation, block executables and scripts from running, or quarantine files.
Using switch connectors to automatically block unauthorized devices from accessing the network.