The threat landscape isn’t slowing down—and neither is the conversation around how organizations should be defending themselves. Connection recently hosted a webinar, Beyond the SIEM, bringing together a powerhouse panel to break down one of the most important questions in enterprise security right now: Is your current security stack actually protecting you or just generating noise?
Here’s a recap of what our experts covered and why it matters for your organization.
Meet the Panel
The conversation was facilitated by Kimberlee Coombes, Senior Security Solution Architect at Connection, and featured:
- John Chirillo, Principal Security Architect at Connection
- Barry Yuan, Senior Solutions Architect for Cisco’s Security Practice, aligned to Connection and Port53
- Omar Zarabi, President and CEO of Port53
Together, this group brought perspectives from the partner, vendor, and managed service sides of the XDR equation—making for a rich, practical discussion.
What Is Managed XDR and Why Does It Matter?
XDR—Extended Detection and Response—is a security approach that unifies telemetry across endpoints, network, cloud, email, and identity into a single detection and response platform. But the “managed” piece is where the real conversation starts.
Managed XDR means a dedicated team of human security analysts is actively monitoring, triaging, and responding to threats on your behalf—24 hours a day, 7 days a week. This isn’t AI on autopilot. As the panel emphasized, real people are behind every alert, bringing context, judgment, and speed to incidents that automated tools alone can’t fully resolve.
Omar illustrated this with a real-world scenario: an alert fires at 2:00 a.m. With Managed XDR, a trained analyst is already investigating, correlating signals, and taking action—before most IT teams have even seen the notification.
Who Needs This Most?
The panel identified several verticals where Managed XDR use cases are especially strong:
- Healthcare—Sensitive patient data, high regulatory stakes, and lean IT teams
- SLED (State and Local Government and Education)—Growing attack surfaces with limited security budgets
- Retail—Peak-season vulnerabilities and POS exposure
- Manufacturing—OT/IT convergence creating new threat vectors
These are industries where a breach isn’t just a technical problem—it’s an operations-halting, reputation-damaging event.
Cisco Practices What It Preaches
One of the more compelling points came from Barry Yuan, who noted that Cisco itself is an internal use case for XDR. When a vendor uses its own solution at enterprise scale, that’s a meaningful signal. Barry also highlighted the integration of Cisco Talos—one of the world’s largest commercial threat intelligence teams—as a core differentiator. Talos feeds real-time threat intelligence directly into the XDR platform, meaning your defenses are informed by global visibility that no single organization could replicate on its own.
“I Already Use Splunk—Do I Still Need Managed XDR?”
This was one of the most common questions from attendees, and the answer from the panel was clear: Splunk and Managed XDR are complementary, not competing solutions.
Splunk is a powerful SIEM and data analytics platform that excels at log aggregation, custom querying, and compliance reporting. Managed XDR layers on top of that foundation with automated correlation, cross-domain detection, and active response capabilities. Rather than replacing your existing investment, Managed XDR extends it—filling the gaps that SIEMs weren’t designed to cover on their own.
Managed Service vs. Buying a License Yourself
Another great question from the audience centered on cost and control: Why not just purchase an XDR license and manage it yourself?
Omar addressed this directly. XDR is a powerful tool—but it requires a sophisticated, experienced team to configure it correctly, tune it continuously, and act on what it surfaces. Without that expertise, even the best platform can become shelfware. The managed model solves this by giving you access to a full bench of security professionals who live and breathe this technology every day. You get the platform and the people—without the overhead of building that capability internally.
As Kimberlee noted, Connection’s team brings deep fluency in this specific solution set, which means customers aren’t just getting a license hand-off—they’re getting guided, ongoing partnership.
The Takeaway
Security isn’t a product you buy and forget. It’s a practice—and Managed XDR, backed by Cisco’s ecosystem and Port53’s operational expertise, gives organizations a way to practice it at a level that matches today’s threat environment.
If you missed the Beyond the SIEM webinar or want to learn more about how Managed XDR fits into your security strategy, reach out to the Connection security team to set up a conversation. And if you’re headed to Cisco Live 2026, you can check out what we’re bringing to the convention this year and schedule some time to discuss Managed XDR—and more—with our experts in booth #2305.
Samotria Holmes
Samotria Holmes is a Channel and Alliances Leader with more than 17 years of experience building and scaling partner ecosystems across Point of Sale, Cybersecurity, Cloud, CX, and AI technologies. She specializes in developing profitable practices and alliance strategies that align vendor priorities with real customer outcomes—translating complex programs, certifications, and go-to-market motions into clear, repeatable playbooks that drive pipeline, margin, and measurable value. Throughout her career, Samotria has grown partner communities, designed, and operationalized partner programs, and led cross-functional teams spanning Sales, Marketing, Product, and Services. Her work with Cisco and other global technology providers has helped organizations navigate strategic certification requirements and successfully transition to service-led, recurring revenue models. Beyond the technology world, Samotria brings a distinctly entrepreneurial perspective—as the founder of an award-winning specialty food brand, she developed a deep passion for brand-building, operations, and end-to-end customer experience that informs how she approaches partnerships today.
