XDR is a designation used when you do not have the ability to cover a wide range of threat vectors. Many providers only have a couple of threats covered, and if they do not manage them for you, they cannot claim to provide a managed service. XDR investments are set up for failure because they overlook the human factor. One-quarter of organizations are now using an XDR (managed detection and response) Security as a service (SaaS) offering provides companies access to outside analysts who command expertise in XDR capabilities.
Source: https://www.helpnetsecurity.com/2021/04/13/xdr-mdr-difference/