Guest: 

Sam Curry, Chief Security Officer @ Cybereason and Visiting Fellow @ National Security Institute

Topics:

EDR was “invented” in 2013 and we are now in 2021. What do you consider to be modern EDR components and capabilities?
Where has EDR fallen short on its initial hype?
How focused are the attackers on bypassing EDR?
How do you think EDR works in the cloud?
In your view, how would future EDR work for containers, microservices, etc?
Why aren’t we winning the war against ransomware?
XDR is an interesting concept, so how do you define XDR?
Is XDR just EDR++ or is XDR SIEM 4.0?

Resources:

“The Pyramid of Pain” blog by David Bianco
“Named: Endpoint Threat Detection & Response”
“Dune” book
“The Bomber Mafia” book
