09-24-20 - These Alerts Make Perfect Sense to Nobody
This week's episode of Defense in Depth, "XDR: Extended Detection and Response," is hosted by me, David Spark, producer of CISO Series, and Allan Alford. Our sponsored guest is Uri May, CEO, Hunters. All three of us discussed:
XDR extends traditional endpoint detection and response or EDR to also include network and cloud sensors.
XDR is viewed as a comprehensive solution that rolls up all your critical feeds, sensors, and analytics.
Having this full breadth, XDR can contextualize alerts to tell a more cogent story as to what's going on in your environment.
If you've got a greenfield security program (essentially it's nonexistent), XDR is a no-brainer. But for everyone else, which is most of us, rolling out XDR is not as clear-cut a decision. How does it integrate with your existing tech stack?
Lots of people asked why you need a SIEM if you have XDR. But most responded that the two technologies are complementary. Where XDR becomes redundant is if you have SIEM + SOAR + XDR + NDR.
XDR's real power is the ability to give you some of the investigative details rather than just telling you that somebody breached a certain endpoint. It can connect the dots and explain that a certain breach also resulted in a certain action. This greatly reduces the time your SOC needs to spend investigating cases.
Don't be fooled, though, by solutions that sell purely on reducing time and effort. You're only going to get that if you have useful integrations.
Special thanks to this week's podcast sponsor, Hunters.
Attackers always find new ways to bypass organizational defenses. While their traces hide in the data, they’re also extremely difficult to detect. Hunters.AI is a context-fueled XDR solution that harnesses top-tier threat hunting expertise and ML to autonomously detect, investigate and correlate attack findings across cloud, network, and endpoint.
Cyber Security Headlines
This week's sponsor of Cyber Security Headlines is Trusona.
TOMORROW! Friday [9-25-20] We're Hacking the Supply Chain
It's happening! Friday, September 25, 2020 at 10 AM PT/1 PM ET for “Hacking the Supply Chain: An hour of critical thinking on building resiliency with the digital supply chain.”
Participating in this discussion will be Marcia Peters, vp of third-party risk management, TransUnion and Kelly White, founder & CEO, RiskRecon.
Plus, immediately after the video chat (11:00 AM PT/2:00 PM ET) we'll roll over to the CISO Series Friday Meetup. Each participant will be randomly matched up in impromptu 1-on-1 five-minute conversations with fellow cybersecurity professionals. The link to do that will be made available during the video chat.
Thanks to our sponsor RiskRecon.
Best Moments from "Hacking Biometrics"
Here are six minutes of the best moments from “Hacking Biometrics: An hour of critical thinking about using ourselves as a means to enhance the identity journey and our security posture”.
Participating in this discussion were Jason Cramer, head of engineering, Daon and Sridhar Kotamraju, head of product strategy – digital identity, fraud/payments, PNC.
Check out the blog post to watch the video, read the "Best Bad Ideas" and the best quotes from the chat room, and to get access to the full one-hour recording.
Huge thanks to our sponsor, Daon.