Future of EDR: Is It Reason-able to Suggest XDR?
Cloud Security Podcast by Google
English - August 30, 2021 17:05 - 27 minutes - 38.4 MB
Guest:
Sam Curry, Chief Security Officer @ Cybereason and Visiting Fellow @ National Security Institute

Topics:
EDR was “invented” in 2013 and we are now in 2021. What do you consider to be modern EDR components and capabilities?
Where has EDR fallen short on its initial hype?
How focused are the attackers on bypassing EDR?
How do you think EDR works in the cloud?
In your view, how would future EDR work for containers, microservices, etc?
Why aren’t we winning the war against ransomware?
XDR is an interesting concept, so how do you define XDR?
Is XDR just EDR++ or is XDR SIEM 4.0?

Resources:
“The Pyramid of Pain” blog by David Bianco
“Named: Endpoint Threat Detection & Response”
“Dune” book
“The Bomber Mafia” book