Understanding MDR, XDR, EDR and TDR
A program with proper threat detection and response (TDR) has two key pillars: understanding the scope and being proactive in threat hunting. The biggest value of the security operations center (SOC) is incident response, but the how and why are just as important — and ultimately drive better security defense ... Read More
Intuition vs. Automation: What Man and Machine Bring to Data Security
Cybersecurity experts Colin Henderson and Ray Espinoza share their take on the automation-driven power of machines versus the nuanced capabilities of humans in the security space. While automation is king in detection and reporting, it’s tough to replace humans’ capacity for layered analysis and follow-up. Consider your organization’s unique environment ... Read More
How to Select the Right MDR Service
It can be difficult to understand the differences between the various managed detection and response (MDR) services in the market today. But there are several key elements that can help an organization choose the best option for its cybersecurity needs. Medallia VP of Cloud Security Ray Espinoza singles out the ... Read More
The Evolving Role of the SOC Analyst
As the cyber threat landscape evolves, so does the role of the security operations center (SOC) analyst. Cybersecurity industry veteran and OneTrust VP of Security, Colin Henderson, says organizations must avoid hiring armies of specialists for repetitive tasks. Changing modern SOC teams require analysts to embrace new approaches even if ... Read More
Security Tools Need to Get with the API Program
No cloud API is an island The evolution of cloud services has coincided with the development of advanced Application Programming Interfaces (APIs) that allow developers to link cloud computing services together, making its data and functionality available for other programs to use. Increasingly, these APIs are also being leveraged for ... Read More
Why the Rush to MDR?
LogicHub recently published a survey conducted by Osterman Research, looking at changing trends and attitudes of security professionals around Managed Detection and Response (MDR) services. It’s not surprising that MDR is growing, but the survey revealed that this trend is moving fast, and organizations are in a hurry to solve ... Read More
Should You Outsource or Manage Security In-House?
Cybersecurity professionals Colin Henderson and Ray Espinoza share their take on in-house versus outsourced threat detection and response. Your in-house team has the context necessary to recognize true security threats, but they’ll only perform effectively if you properly educate them about the environment and establish an escalation protocol. Outsourcing can ... Read More
Replace Your SIEM with Neural Net Technology
Security Information Event Management (SIEM) systems are an outdated technology. It’s no longer enough to just manage information – today’s organizations need technology that can proactively detect and respond to dynamic threats as well. SIEM’s learning capabilities to face modern threats is limited but can be replaced with intelligent automation ... Read More
Automating Threat Detection: Three Case Studies
Demystifying the technology with case studies of AI security in action Many automation tools, such as SOAR, suffer from a Catch-22 irony: you know that automation will save you huge amounts of time, but it’s difficult to implement and requires skills you don’t necessarily have in-house. Essentially, you can’t afford ... Read More
It’s Time to Put AI to Work in Security
While we’ve been talking about and imagining artificial intelligence for years, it only has recently started to become mainstream, and accepted for a wide range of applications – from healthcare analytics to Google Maps and Roombas. At the same time, cybersecurity has been strangely slow in embracing this important technology ... Read More
