In episode 148 of Cybersecurity Where You Are, Sean Atkinson is joined by Rob Reese, Cyber Incident Response Team Manager at the Center for Internet Security® (CIS®); Dustin Cox, Cyber Incident Response Team Analyst at CIS; and Cliff Moten, Manager, Cybersecurity Solutions Engineering at CIS. Together, they discuss how organizations can use Managed Detection and Response (MDR) tools to help defend against zero-day attacks. Here are some highlights from our episode:

• 01.06. Demystifying zero-day vulnerabilities with a definition
• 02:36. Why zero-day attacks are some of the most serious threats facing organizations today
• 04:19. Examples of zero-day exploits and how these threats affect Incident Response (IR)
• 10:06. The importance of understanding your environment and patch management
• 13:58. How MDR assists with behavioral analysis, assembling holistic inventories, and IR
• 20:02. The role of asset inventories in determining scope and containing a zero-day incident
• 24:08. Why it's important to have humans managing and monitoring an MDR solution
• 27:11. MDR as a means of centralizing evidence of a zero-day attack
• 30:05. Parting thoughts for those concerned with their endpoint security posture

Resources

• CIS Managed Detection and Response™ (CIS MDR)
• Multi-State Information Sharing and Analysis Center®
• CIS Critical Security Control 1: Inventory and Control of Enterprise Assets
• CIS Critical Security Control 2: Inventory and Control of Software Assets
• The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity
• Real-Time Indicator Feeds
• Incident Response Policy Template for CIS Control 17

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].