Sign up to save your podcasts
Or
Share XDR: Extended Detection and Response
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
XDR: Extended Detection and Response
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-xdr-extended-detection-and-response/)
Is XDR changing the investigative landscape for security professionals? The "X" in XDR extends traditional endpoint detection and response or EDR to also include network and cloud sensors. Having this full breadth, XDR can contextualize alerts to tell a more cogent story as to what's going on in your environment.
Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our guest is Dave Bittner (@bittner), host, The CyberWire.
Thanks to our sponsor, Hunters.
Attackers always find new ways to bypass organizational defenses. While their traces hide in the data, they're also extremely difficult to detect. Hunters.AI is a context-fueled XDR solution that harnesses top-tier threat hunting expertise and ML to autonomously detect, investigate and correlate attack findings across cloud, network, and endpoint.
On this episode of Defense in Depth, you'll learn:
- XDR extends traditional endpoint detection and response or EDR to also include network and cloud sensors.
- XDR is viewed as a comprehensive solution that rolls up all your critical feeds, sensors, and analytics.
- Having this full breadth, XDR can contextualize alerts to tell a more cogent story as to what's going on in your environment.
- If you've got a greenfield security program (essentially it's non existent), XDR is a no-brainer. But for everyone else, which is most of us, rolling out XDR is not as clear cut a decision. How does it integrate with your existing tech stack?
- Lots of question as to why do you need a SIEM if you have XDR? But, most responded that the two technologies are complimentary. Where XDR becomes redundant is if you have SIEM + SOAR + XDR + NDR.
- XDR's real power is the ability to give you some of the investigative details rather than just telling you that somebody breached a certain endpoint. But it can connect the dots and explain that a certain breach also resulted in a certain action. This greatly reduces the time your SOC needs to spend investigating cases.
- Don't though be fooled with solutions that sell purely on reducing time and effort. You're only going to have that if you have useful integrations.
View all episodes
By David Spark, Steve Zalewski, Geoff Belknap
4.8
7373 ratings
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-xdr-extended-detection-and-response/)
Is XDR changing the investigative landscape for security professionals? The "X" in XDR extends traditional endpoint detection and response or EDR to also include network and cloud sensors. Having this full breadth, XDR can contextualize alerts to tell a more cogent story as to what's going on in your environment.
Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Allan Alford (@allanalfordintx), and our guest is Dave Bittner (@bittner), host, The CyberWire.
Thanks to our sponsor, Hunters.
Attackers always find new ways to bypass organizational defenses. While their traces hide in the data, they're also extremely difficult to detect. Hunters.AI is a context-fueled XDR solution that harnesses top-tier threat hunting expertise and ML to autonomously detect, investigate and correlate attack findings across cloud, network, and endpoint.
On this episode of Defense in Depth, you'll learn:
- XDR extends traditional endpoint detection and response or EDR to also include network and cloud sensors.
- XDR is viewed as a comprehensive solution that rolls up all your critical feeds, sensors, and analytics.
- Having this full breadth, XDR can contextualize alerts to tell a more cogent story as to what's going on in your environment.
- If you've got a greenfield security program (essentially it's non existent), XDR is a no-brainer. But for everyone else, which is most of us, rolling out XDR is not as clear cut a decision. How does it integrate with your existing tech stack?
- Lots of question as to why do you need a SIEM if you have XDR? But, most responded that the two technologies are complimentary. Where XDR becomes redundant is if you have SIEM + SOAR + XDR + NDR.
- XDR's real power is the ability to give you some of the investigative details rather than just telling you that somebody breached a certain endpoint. But it can connect the dots and explain that a certain breach also resulted in a certain action. This greatly reduces the time your SOC needs to spend investigating cases.
- Don't though be fooled with solutions that sell purely on reducing time and effort. You're only going to have that if you have useful integrations.
More shows like Defense in Depth
View all
Hacked
186 Listeners
Security Now (Audio)
2,011 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,026 Listeners
Smashing Security
318 Listeners
Click Here
419 Listeners
Darknet Diaries
8,075 Listeners
Cybersecurity Today
177 Listeners
Hacking Humans
316 Listeners
CISO Series Podcast
195 Listeners
Cybersecurity Headlines
139 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
167 Listeners