Cyber Defense eMagazine March Edition for 2022

More documents

Recommendations

Info

complement SIEMs by analyzing logs and acting. In fact, NTA/NDR is critical to advancing visibility beyond logs. As you can see, there’s a lot to protect in a network, and a lot of approaches to protecting it. But rather than having a dozen or more point solutions (each with its own interface console) to manage, wouldn’t it be easier, faster, and more efficient to have just one? That’s where XDR / Open XDR comes in. Definitions of XDR Initial definitions of XDR – eXtended or Everything Detection and Response – envisioned it as a single platform that unifies detection and response across the entire security kill chain. The idea is that instead of manning a dozen or more separate security consoles to monitor and protect the network, XDR unifies the telemetry from those tools and presents it in a single dashboard. The more advanced products not only unify the data, but also correlate and analyze it automatically to present a prioritized list of threats with recommendations about how to neutralize them. So how does the market define XDR, specifically? That depends on who you ask. According to Rik Turner, a lead analyst at Omdia who coined the XDR acronym, XDR is “a single, stand-alone solution that offers integrated threat detection and response capabilities.” To meet Omdia’s criteria to be classified as a “comprehensive” XDR solution, a product must offer threat detection and response functionality across endpoints, networks, and cloud computing environments. Gartner’s definition is similar in that it points to features such as alert and incident correlation, built-in automation, multiple streams of telemetry, multiple forms of detections (built-in detections), and multiple methods of response. However, Gartner requires XDR to be achieved through consolidating multiple proprietary, vendor-specific security products. Forrester’s definition of XDR requires the platform to be anchored around an EDR. It defines Native XDR as EDR integrating with a vendor’s own security tools; Hybrid XDR as EDR integrating with third-party security tools; a SAP (Security Analytics Platform) as a platform without built-in EDR, but with built-in NAV and SOAR with third-party integrations; and SSA (Standalone Security Analytics) as those platforms that rely solely on third-party tools for telemetry sources and responses. Open XDR Open XDR was initially created by Stellar Cyber with the same features Gartner mentions, except that not all the security products/components have to be from the same vendor. Instead, the platform is open and integrates with third-party security tools. Some components are built-in, and others are added through deep third-party integrations. The Open XDR moniker was later picked up by vendors who purely rely on a wide ecosystem of thirdparty tools for telemetry sources and response, but who don’t offer any built-in components. Cyber Defense eMagazine – March 2022 Edition 54 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
How Open XDR Helps Open XDR addresses a key reality in organizational cybersecurity infrastructures, which is that companies have already invested heavily in security tools, and they don’t want to have to abandon those investments to adopt XDR. Rather, Open XDR allows companies to leverage these existing investments while making them more valuable by automatically correlating their data with data from other tools and sensors. In addition, the more advanced Open XDR platforms leverage AI and machine learning to cut down on analysts’ “alert fatigue.” Instead of managing thousands of alerts from a dozen or more tools, XDR combines related alerts into higher-level incidents and automatically dismisses many alerts based on what it “learns” to be normal behavior in any given environment. Given the rising tide of cybersecurity attacks affecting every type of organization, combined with a global shortage of cybersecurity analysts and high analyst turnover rates and burnout, any solution that improves protection along with analyst productivity is welcome indeed. That’s the real promise of XDR. About the Author Steve can be reached online at sgarrison@stellarcyber.ai and at our company website http://stellarcyber.ai. Cyber Defense eMagazine – March 2022 Edition 55 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Why Changing Classified Document St
Page 3 and 4: Tips And Trends for OT Cybersecurit
Page 5 and 6: @MILIEFSKY From the Publisher… De
Page 7 and 8: Welcome to CDM’s March 2022 Issue
Page 9 and 10: Cyber Defense eMagazine - March 202
Page 19 and 20: level of concern while working remo
Page 21 and 22: The Fragility of a GPS Centric Worl
Page 23 and 24: Formerly known as LOng-RAnge Naviga
Page 25 and 26: The Role of The CFO In Enterprise C
Page 27 and 28: Help them mitigate potential risks
Page 29 and 30: The Safest Ways for Bitcoin Trading
Page 31 and 32: and clear instructions through a "N
Page 33 and 34: According to Cybereason’s “Rans
Page 35 and 36: If you implement these three tips,
Page 37 and 38: • Nearly half of zero-day malware
Page 39 and 40: Don’t Become a Horrible Headline:
Page 41 and 42: pandemic era. By empowering profess
Page 43 and 44: Have We Learned from Our Past Mista
Page 45 and 46: internet, etc. How much training is
Page 47 and 48: How to strengthen cyber resilience
Page 49 and 50: A BCDR solution with automated disa
Page 51 and 52: 1. Cybersecurity Incidents Will Bec
Page 53: Is XDR The Right Solution for Today
Page 57 and 58: A very small set of next-gen SIEM s
Page 59 and 60: • What are my options for data la
Page 61 and 62: Additionally, we’ll witness the r
Page 63 and 64: Top 10 Reasons Cyber Defense Firms
Page 65 and 66: 4. Teamwork and individual responsi
Page 67 and 68: 5 Reasons Organizations Need Compre
Page 69 and 70: systems to manage identity and acce
Page 71 and 72: Directed Analytics - The Future of
Page 73 and 74: Directed analytics allow these insi
Page 75 and 76: InDesign and uploaded to indd.adobe
Page 77 and 78: Are You Prepared for the New Normal
Page 79 and 80: • Find Unseen Risk - The hardest
Page 81 and 82: intruders were able to gain control
Page 83 and 84: About the Authors Michael Cheng is
Page 85 and 86: Why am I rehashing this old trope?
Page 87 and 88: 1. Look for and minimize attack sur
Page 89 and 90: On The Frontline in The War Against
Page 91 and 92: How to Fix Mid-Market Security Usin
Page 93 and 94: the particular victims being target
Page 95 and 96: 5 Ways Cybersecurity Will Change In
Page 97 and 98: #3: Supply chains will be the big r
Page 99 and 100: Executive Order Instructs Certain O
Page 101 and 102: • Stay ahead of fraud. Fraud cost
Page 103 and 104: Too Hot to Handle:The case for Zero
Page 105 and 106:
Critically, endpoint security only
Page 107 and 108:
To prevent lateral movement attacks
Page 109 and 110:
Redefining Resilience in The New Wo
Page 111 and 112:
About the Author Andrew Lawton is C
Page 113 and 114:
Cyber Defense eMagazine - March 202
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
CyberDefense.TV now has 200 hotseat
Page 137 and 138:
Books by our Publisher: https://www
Page 139 and 140:
show all

Cyber Defense eMagazine March Edition for 2022

Create successful ePaper yourself

Delete template?

Save as template?