CLOUD INVESTIGATIONS IN JUST 5 MINUTES: Exploring the Pitfalls of EDR for Cloud

Logo
Presented by

Matthew Rosenquist, CISO; Jamie Butler and Shantanu Gattani, Sysdig

About this talk

Cloud attacks are fast. Malicious actors leverage automation and other sophisticated techniques, executing attacks in less than 10 minutes on average. Security teams need to investigate and assess the situation to initiate an immediate response, but unfortunately, this is rarely the case. The overwhelming amount of data available in the cloud often lacks security context, slowing investigations to a crawl, as analysts are forced to manually collect and correlate evidence across multiple tools and domains. So how can security teams accelerate cloud investigation to combat these fast-moving threats? Join this session to learn: *The importance of achieving the 5/5/5 benchmark for cloud detection and response – 5 seconds to detect, 5 minutes to triage, 5 minutes to respond. *How to streamline investigation, minimizing manual effort from your security operations team. *Key considerations for selecting security tooling optimized for swift investigation and response.
Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (57)
Subscribers (10008)
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig delivers live visibility by correlating signals across cloud workloads, identities, and services to uncover hidden attack paths. By knowing what is running, teams can prioritize the vulnerabilities, misconfigurations, permissions, and threats that matter most. From prevention to defense, Sysdig helps enterprises move faster and focus on what matters: innovation. Sysdig. Secure Every Second.