OpenText has announced OpenText™ Core Threat Detection and Response, an Open XDR solution that uses AI-driven behavioral analytics to spot insider threats and credential misuse before damage is done. The solution shifts security from a rule-based “after-the-fact” model to one that understands user behavior in real time, making it a quick way to strengthen an existing security stack and raise overall cyber-resilience.

Why It Matters

Insider threats remain one of 2025’s toughest security challenges. Employees, contractors, and partners already possess legitimate access — and, often, deep process knowledge — so their actions can be more destructive than external attacks. Classic, rule-centric tools drown SOC teams in false alarms and miss subtle anomalies.

Core Threat Detection and Response behaves more like a seasoned guard who knows every user, continuously learning normal patterns and flagging meaningful deviations with machine-learning models that cut alert noise to only the truly critical events.

Seamless integration with Microsoft Defender and Microsoft Entra ID protects earlier investments; future releases will add other ecosystems.

Key Capabilities

Adaptive Threat Detection: Real-time behavioral analytics and user-action correlation that surface hidden insider risks before static rules would trigger.

Fewer, Smarter Alerts: Context-rich notifications with clear rationale that reduce analyst fatigue and speed up true-threat response.

Open XDR Architecture: Overlays your existing security stack, delivering rapid ROI without “rip-and-replace” disruption.

Business Value

• Expose covert insider activity long before a formal policy violation is logged.

• Lighten SOC workload by focusing analysts on validated, prioritized incidents.

• Maximize return on existing tools through easy, additive integration.

TerraLink team on the new solution

Even though the term XDR (Extended Detection and Response) has existed for quite some time, every vendor interprets the concept differently. Experts still debate which software components must be delivered as part of an XDR solution, yet they agree it has to be a comprehensive solution that unifies control at endpoints and at communication layers. An XDR platform should exploit the latest IT approaches so it can analyze data in the shortest possible time and assess the criticality of vulnerabilities.

XDR is best viewed as a “construction set” with modules selected individually for each customer. This can include endpoint data-analysis tools, network-traffic analytics, AI and machine-learning engines.

Domestic vendors have progressed greatly in recent years, but many of their XDR offerings are based on products that essentially branched out of EDR systems. They do not cover the infrastructure end-to-end and therefore cannot be considered true XDR.

More mature solutions come from large international vendors with decades of experience tracking cyber-threats at all layers:

– data collection on endpoints

– data analysis using AI/ML

– response automation with context on vulnerability criticality.

OpenText is undoubtedly one of them, equipped with powerful tools across all three layers. Launching OpenText Core Threat Detection and Response is a logical move for a major player, given today’s threat landscape and market needs.

We should also remember the long-standing cooperation between OpenText and SAP, which could soon translate into seamless integration with SAP products alongside other enterprise ecosystems.

Moving toward stronger cyber-security with OpenText is a great choice for any security team. TerraLink specialists have extensive experience implementing OpenText software and can help you adopt OpenText Core Threat Detection and Response.

Next Steps

OpenText is building an early-adopter cohort: participants receive 90 days of free access and direct influence over the roadmap. To enroll, contact TerraLink, the key OpenText partner in your region.

Discuss adopting OpenText Core Threat Detection and Response with our specialist

Contact us