Completing the Triad, The Case For Leading With NDR

Presented by

John Smith // Principal Sales Engineer

About this talk

The information security industry has experienced a number of innovations around SIEM and Endpoint Detection and Response (EDR) solutions over the past few years. These innovations have included incorporating Machine Learning and Cyber Threat Intelligence into their platforms for higher fidelity as well as better response to the emerging and acute threats our industries and agencies face. Even with these advancements, we have seen several devastating breaches that do more than damage a company’s brand. Unlike real-asset destruction or theft, when intellectual property is stolen or compromised, the owner is never made whole and its value cannot be recouped.

The challenge with EDR and SIEM is that they must be configured or installed, and any solution that must be configured or installed can be un-configured and un-installed. Many breaches have involved the evasion of properly installed and configured SIEM and EDR solutions. The covert nature of today’s malware and spyware requires a covert response, one where our adversaries are not aware of its presence.

In this session, we will discuss and demo the merits of leading with Network Detection and Response (NDR) and how the use of NDR provides coverage against evasion techniques used by attackers against our existing SIEM/EDR investments. Adding the third pillar of NDR to your security triad will provide the needed stability that has been lacking from the traditional two-pronged approach to security and visibility. We will discuss the ways in which NDR complements and in many cases improves the efficacy of your existing investments in SIEM and EDR. We will also discuss the differences in signal intelligence between what is on the wire vs. what is in a log. And finally, we will discuss reasons to take an “NDR-first” approach to visibility at scale, high-fidelity detections and digital surveillance.
The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster. Learn more at www.extrahop.com