Continuing its global expansion plan, Integrity360 has acquired leading cyber security specialist Holiseum, headquartered in Paris, France. The terms of the transaction were not disclosed. The acquisition will enable Integrity360 to accelerate its growth in France and continental Europe, and significantly provides a new and exciting services practice focused on Operational Technology ("OT") and Internet of Things ("IoT") technologies, which complements Integrity360's existing service practices. Those include cyber risk and assurance, cyber security testing, incident response, infrastructure, Microsoft cyber, payments compliance, and a highly comprehensive range of cyber security managed services including managed detection and response ("MDR") solutions. Holiseum will continue to operate from its existing three facilities in France, but with the benefit of the full resources and capability of the wider Integrity360 business. Holiseum, founded in 2018, is a highly respected and well-established cybersecurity consultancy that specialises in critical and industrial infrastructure. It serves approx. 80 customers throughout France and selected international locations from facilities in Paris and Nimes, including organisations operating in the energy, infrastructure, manufacturing, transport and financial sectors. In particular, Holiseum is an expert in OT technology and has helped many global corporate and infrastructure organisations secure and evolve their OT environment and associated IT estates. Holiseum's reputation is underpinned by several security accreditations from ANSSI, the National Cybersecurity Agency of France, including PASSI (cybersecurity audit services) and PACS (cybersecurity support and consulting), for which Holiseum is one of the first three certified organisations in France. Holiseum's portfolio of services includes audit, training, investigation and a full suite of OT consulting solutions.
Securing critical infrastructures is a high priority for many governments and corporate organisations across the globe due to the alarming rise in attacks on industrial and energy infrastructure. Leading industry analyst Gartner has commented that such attacks could result in the weaponisation of OT environments to seriously harm human life. Despite the tightening of the regulatory environment with the introduction of cyber security frameworks including NIS2 (Network and Information Security 2) and DORA (Digital Operational Resilience Act), the challenge of continuously securing critical infrastructure remains acute. Holiseum will form a major new practice within Integrity360 dedicated to the mission of aiding, protecting and supporting both government and industrial infrastructure. The existing Holiseum team of 32 will be rapidly expanded in France and across all other Integrity360 markets in support of this mission. In addition, Holiseum's headquarters in Paris will form a new regional hub for the group from which it will deliver the full suite of Integrity360 services, and during 2025 an additional Paris-based SOC (Security Operations Centre) will be launched to join the existing network of six SOCs across EMEA (Dublin, Stockholm, Naples, Sofia, Madrid and Cape Town). The SOC teams deliver a wide-ranging set of managed services for customers including EDR, XDR and MDR (Endpoint Detection and Response, Extended Detection and Response, and Managed Detection and Response). Integrity360's innovative range of services has been recognised on multiple occasions by Gartner, namely as a Representative Vendor in the Gartner market guide for Managed Detection and Response services. The addition of Holiseum brings group revenues to over €160m and a dedicated cybersecurity team of over 700 employees. Further innovation and demand for its services across the EMEA region will expand group revenues in 2025 across all territories.
Ian Brown, Executive Chairman at Integrity360 commented: "We are very excited to be welcoming the team from Hol...
As part of its pan-European expansion plan, Integrity360 has acquired leading European PCI QSA (Payment Card Industry Qualified Security Assessor) and cyber security services company Adsigo. The terms of the transaction were not disclosed. The acquisition will enable Integrity360 to expand further into continental Europe and provides additional skilled resources to its existing substantial PCI and cyber security compliance teams. Adsigo is a highly respected and well-established consultancy founded in 2013, and serves customers in Germany, Austria and Switzerland. It operates out of Stuttgart, Hamburg and Zurich, from which it provides services to a wide range of financial, industrial, and services organisations. Adsigo has a leading position in PCI compliance and operates as one of the leading Qualified Security Assessor ("QSA") organisations in Europe, having completed over 1,500 assessments. Adsigo will complement Integrity360's existing substantial PCI practice, which operates as the No. 1 most chosen QSA organisation by Visa and Mastercard service provider organisations across Europe. Integrity360 has also been a proud member of the PCI GEAR (Global Executive Assessor Roundtable) since 2018, helping to refine and define PCI standards for the benefit of the industry. Adsigo will also complement Integrity360's existing regulatory and cyber framework services capability, including ISO27001, cyber security strategy, and third-party risk management. Integrity360 will invest further in Adsigo to become a regional hub for the full suite of Integrity360 services during 2025, including the addition of a new SOC ("Security Operations Centre") based in Germany, which will be combined with the existing Integrity360 SOC resources of circa 130 people based out of Dublin, Stockholm, Naples and Sofia.
The SOC teams deliver a wide-ranging set of managed services for customers including EDR, XDR and MDR (Endpoint Detection and Response, Extended Detection and Response, and Managed Detection and Response). Integrity360's innovative range of services has been recognised on multiple occasions by Gartner, namely as a Representative Vendor in the Gartner market guide for Managed Detection and Response services. Ian Brown, Executive Chairman at Integrity360 commented: "We are delighted to be welcoming the team from Adsigo to Integrity360. We have known Ralph and Stephan for some time and both organisations share the same passion for technical excellence and customer service as we do. "The enhanced group will now significantly expand our existing activities and cyber services across the DACH region (Germany, Austria and Switzerland) as well as offering the wider range of Integrity360 services to the existing customers of Adsigo. With the addition of Adsigo, group revenues in 2024 will exceed €135m, significantly up on 2023, and group resources to approx. 550 employees." Ralph Woern, Founder and Chief Executive Officer of Adsigo commented: "I am really delighted that Adsigo is joining Integrity360 and continuing the journey that we started some 20 years ago. Thanks to the support of our customers and employees, Adsigo has become a leading QSA and provider of cyber services in Germany, Austria and Switzerland. Adsigo is excited to continue that journey but also with Integrity360's support, allowing us to further expand our team, our services, and our market coverage. "Our skills, combined with those of Integrity360, will provide an extension of our portfolio of professional, support and managed services. This is great news for employees, customers, and partners. I look forward to working closely with Ian and the wider Integrity360 team over the coming years."
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com With public speaking, everyone has butterflies before they begin; instructors tell speakers to get them to fly in formation. When it comes to tools for cybersecurity, we have a similar situation – you may have Endpoint Detection and Response, Extended Detection and Response, Managed Detection and Response (EDR, XDR, MDR), Security Information and Event Management, and many others. ThreatQuotient was founded with the intention of making sure these disparate tools provide actionable information for federal agencies. During today's interview with Craig Mueller, he takes us through the context, customization, and collaboration that is needed in all federal agencies. The net result is the reduction in false positives and automation of the intelligence lifecycle. Craig Mueller brings up a topic that is rarely covered—air-gapped systems. Because of their deep understanding of the intelligence community, ThreatQuotient can provide services to agencies that use air-gapped networks.
As part of its global expansion plan, Integrity360 has acquired Grove Group, a longstanding cybersecurity and cloud services company headquartered in Cape Town, South Africa. The terms of the transaction were not disclosed. The acquisition provides Integrity360 with approx. 600 additional customers across 51 countries, a deep partnership with leading NDR (Network Detection and Response) vendor Darktrace, and another global SOC (Security Operations Centre) location, bringing the group's SOC locations to 5. Grove customers will benefit from access to Integrity360's extensive cyber services portfolio encapsulating cyber risk and assurance, cyber security testing, incident response, infrastructure, end-point, PCI compliance, and a highly comprehensive range of cyber security managed services including innovative XDR/MDR solutions. Integrity360's innovative range of services has been recognised four times in a Gartner market guide, most recently as a Representative Vendor for the second year running in the Gartner guide for Managed Detection and Response services. Grove, like Integrity360, has a long and deep history in cyber security. It was founded in 2005, has approx. 50 employees and is headquartered in Cape Town, South Africa, with a regional office in London, UK. Grove has grown strongly over the last 5 years with a CAGR of over 22%, and during 2023 achieved sales of approx. €17m. Grove serves over 600 customers across multiple countries and regions including the UK, Europe, Africa, the Caribbean, and Mauritius. Grove has developed deep and long-standing relationships with several of the world's leading cyber security vendors including Darktrace, Proofpoint, ESET, and Mimecast. The combination of Grove with Integrity360 brings group annual revenues to approx. €130m (up from approx. €85m in 2022) and expands group resources to over 500 employees.
Grove's technical support operations will serve as another SOC (Security Operations Centre) operation based out of Cape Town and will be combined with Integrity360's other four SOCs in Dublin, Sofia, Stockholm, and Naples, together operating with over 140 dedicated engineers, consultants and cyber experts in delivering a wide-ranging set of managed services for customers including EDR, XDR and MDR (Endpoint Detection and Response, Extended Detection and Response, and Managed Detection and Response). Grove's relationship and deep technical skills in Darktrace have led to the company winning the Darktrace partner of the year award for 3 consecutive years, and its innovative "dSOC" managed service for Darktrace technology is enabling a growing number of customers to optimise their investment in Darktrace AI-driven threat detection and response technology. Grove's expertise in Darktrace solutions will add to that developed by Integrity360 following the partnership that it formed with Darktrace in early 2024. Ian Brown, Executive Chairman at Integrity360 commented: "We are delighted to be welcoming Grove to Integrity360. The enhanced group significantly expands our existing activities and cyber services across other continents including Africa and the Caribbean in addition to bolstering our existing markets throughout the UK and continental Europe. "The addition of another Integrity360 regional hub in Cape Town will further enable us to serve the local needs of customers, and the SOC will add to and expand our already considerable 24/7 SOC operations. Both companies share a passion for customer service and innovation and we look forward to offering the group's enhanced range of services to our collective customers and partners over the coming weeks and months." Pip Witheridge, Founder and Chairman of Grove commented: "I am delighted that Grove is joining Integrity360 and continuing the growth journey that we started some 19 years ago.
Thanks to the support of our customers, partners and employees Grove has grown and flourished during that time and I am confident will continue to d...
Welcome to the Sophos Podcast Episode 6! This Month's Episode: Exciting Product Updates and Promotions. Join hosts Alex Beeson and Jon Hope as they bring you the latest and greatest from Sophos & Arrow. This month, we're thrilled to introduce a range of new features and updates designed to enhance your cybersecurity experience.
What's New:
• MDR and XDR Integrations: Discover the powerful new integrations for Managed Detection and Response (MDR) and Extended Detection and Response (XDR). These updates are set to revolutionize your security operations, providing deeper insights and more robust protection.
• Sophos Firewall V20 MR2: Dive into an in-depth look at the latest version of Sophos Firewall. Version 20 MR2 is packed with tools to help you seamlessly migrate from older XG hardware to the new XGS models. Learn how these enhancements can streamline your network security and improve performance.
Special Feature:
• Level Up with Sophos Campaign: Alex introduces an exciting new promotion exclusively for Sophos Partners. The “Level Up with Sophos” campaign offers fantastic opportunities to elevate your business and maximize your partnership with Sophos. Don't miss out on the chance to take your cybersecurity solutions to the next level!
Tune in to this month's episode for all these updates and more. Whether you're a long-time Sophos user or new to our products, there's something for everyone. Stay ahead of the curve with the latest innovations and promotions from Sophos.
Learn Splunk from ECA here: https://mailchi.mp/techualconsulting.com/eca-academy
Welcome to Techtual Chatter, your ultimate podcast for all things technology and cybersecurity! In our latest episode, How to Start your Cyber Security Career with Splunk!, host Henri sits down with cybersecurity expert and founder of Ellington Cyber Academy, Kenneth, to unpack everything you need to know about launching a rewarding career in cybersecurity with Splunk. Are you eager to become a **Splunk architect** but don't know where to start? We delve into why a strong technical background is essential and outline the critical Linux proficiency and soft skills needed for client communication and approval. Learn the importance of **hands-on experience** with Splunk and discover how to effectively utilize the **NIST and MITRE frameworks** for building top-notch detection rules. Henri and Kenneth also shed light on **baseline behavior understanding** and the pitfalls of implementing ineffective notables.
Here are some of the key topics we will discuss tonight:
1. **SIEM vs. Log Management:** Discover the critical differences between SIEM platforms and traditional log management solutions. What sets them apart?
2. **Splunk Unveiled:** Why is Splunk so popular among organizations? We delve into its features, use cases, and benefits for cybersecurity professionals.
3. **Splunk + Cisco Merger:** The recent merger between Splunk and Cisco has significant implications for the SIEM landscape. Learn how it impacts cyber professionals worldwide.
4. **XDR and SOAR Integration:** Explore how Extended Detection and Response (XDR) and Security Orchestration, Automation, and Response (SOAR) platforms complement SIEM tools.
5. **Learning Resources:** Where can you find the best materials to master Splunk and other SIEM platforms? We share valuable resources for your learning journey.
6. **Our Partnership:** Join us in collaboration with ECA and TechTual as we navigate the ever-evolving cybersecurity landscape.
If you enjoyed the show, don't forget to leave us a 5 star review to help with the algorithm :) Email: henridavis@thetechtualtalk.com
➡️ Need coaching help? Then go here (ask about our financing) ⬇️ https://techualconsulting.com/offerings
➡️ Want to land your first IT job? Then check out the IT course from Course Careers; use my link and code Techtual50 to get $50 off your course ⬇️ https://account.coursecareers.com/ref/50932/
➡️ Need help getting into cybersecurity for a low price? Then check out Josh Madakor's Cybersecurity course at Leveld Careers and use my code TechTual10 to get 10% off your course. ⬇️ https://www.leveldcareers.com/a/2147530874/RuqjrBGj
If you want a high paying role in the cloud then click here ⬇️ https://Levelupintech.com/tech
Stop data brokers from exposing your information with Aura! Click the link below to try out Aura's FREE 14 day trial and see if your personal information has been compromised
Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of “eXtended Detection and Response” (XDR) with CyberWire Hash Table guests Rick Doten, Centene's VP of Security, and Milad Aslaner, SentinelOne's XDR Product Manager.
References:
Alexandra Aguiar, 2023. Key Trends from the 2023 Hype Cycle for Security Operations [Gartner Hype Cycle Chart]. Noetic Cyber.
Daniel Suarez, 2006. Daemon [Book]. Goodreads.
Dave Crocker, 2020. Who Invented Email, Email History, How Email Was Invented [Website]. LivingInternet.
Eric Hutchins, Michael Cloppert, Rohan Amin, 2010. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [Paper]. Lockheed Martin Corporation.
Jon Ramsey, Mark Ryland, 2022. AWS co-announces release of the Open Cybersecurity Schema Framework (OCSF) project [Press Release]. Amazon Web Services.
Nir Zuk, 2018. Palo Alto Networks Ignite USA '18 Keynote [Presentation]. YouTube.
Raffael Marty, 2021. A Log Management History Lesson – From syslogd(8) to XDR [YouTube Video]. YouTube.
Raffael Marty, 2021. A history lesson on security logging, from syslogd to XDR [Essay]. VentureBeat.
Rick Howard, 2020. Daemon [Podcast]. Word Notes.
Rick Howard, 2021. XDR: from the Rick the Toolman Series [Podcast and Essay]. CSO Perspectives, The CyberWire.
Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
Staff, n.d. Open Cybersecurity Schema Framework [Standard]. GitHub.
Staff, 2019. What is EDR? Endpoint Detection & Response Defined [Explainer]. CrowdStrike.
Staff, 2020. Log Formats – a (Mostly) Complete Guide [Explainer]. Graylog.
Stephen Watts, 2023. Common Event Format (CEF): An Introduction [Explainer]. Splunk.
Thomas Lintemuth, Peter Firstbrook, Ayelet Heyman, Craig Lawson, Jeremy D'Hoinne, 2023. Market Guide for Extended Detection and Response [Essay]. Gartner.
State and local governments are using more devices, applications, and tools than ever before – increasing their cybersecurity complexity. And with limited resources, many IT teams are unable to create a comprehensive view of their security posture as threats evolve in sophistication. In this episode of MeriTalking, MeriTalk's John Curran sits down with Peter Romness, […]
Stop by and catch up with New Zealander Andre Camillo, Technology Specialist - Security and Compliance at Microsoft.
Show Notes/Links:
Ninja Training: https://aka.ms/NinjaTraining
Microsoft Defender for Cloud Apps webinars: https://learn.microsoft.com/en-us/defender-cloud-apps/webinars
Microsoft Defender for Cloud Apps e-books: https://learn.microsoft.com/en-us/defender-cloud-apps/e-books
Learn Path - Secure cloud apps using Microsoft Defender for Cloud Apps: https://learn.microsoft.com/en-us/training/paths/m365-cloud-app-security-fundamentals/
Extended Detection and Response (XDR) | Microsoft Security: https://www.microsoft.com/en-us/security/business/solutions/extended-detection-response-xdr
Detect and respond to modern attacks with unified SIEM and XDR capabilities: https://mslearn.cloudguides.com/en-us/guides/Investigate%20security%20incidents%20in%20a%20hybrid%20environment%20with%20Azure%20Sentinel
William 'Bill' Post, inventor of Pop-Tarts, dies at 96: https://www.nbcnews.com/news/us-news/william-bill-post-inventor-pop-tarts-dies-96-rcna138784
Change the way we do security and the way security gets done. Watch the live replay…
Briana and Derrick talk to Principled about how XDR, or Extended Detection & Response, is helping SOC (security operations center) personnel increase their ability to detect and mitigate security breaches in real time. The team developed personas that reflect today's very active SOC analysts who need to detect persistent, under-the-radar threats, known as ‘low and slow' approaches. The XDR solution uses automation to aggregate these persistent security threats and a progressive disclosure strategy to alert analysts about potential breaches.
Key moments:
1:18 Cisco's new Breach Protection Suite, which includes XDR
2:09 Going deep on the use case with personas
3:17 How XDR is making day-to-day work simpler for security analysts
4:08 The concept of progressive disclosure
6:51 How AI-generated threats work
11:21 Collaborating with the product principles
A unified security incident detection and response platform that connects to multiple tools in the security stack via APIs, collects telemetry from each, and attempts to correlate that telemetry into a coherent threat picture. CyberWire Glossary link: https://thecyberwire.com/glossary/extended-detection-and-response Audio reference link: Film Major. 2022. Enemy of the State (1998) Faraday Cage HD Tony Scott; Will Smith, Gene Hackman Jon Voight [Video]. YouTube. URL https://www.youtube.com/watch?v=n3gy4otg-24
Embracing the 'not if, but when' mindset. Cybersecurity solutions provider Trellix recently unveiled their 2023 Voice of the CISO report. Among other topics, it explored the top 5 challenges cited by Chief Information Security Officers who responded to the Trellix survey. In order, they included:
1. Too many different sources of information.
2. A growing attack surface created by remote workers, increasingly complex supply chains and other social and business factors.
3. Changing regulatory mandates.
4. Difficulties retaining and recruiting staff with the necessary security skills.
5. A lack of buy-in from other parts of the company.
These results not only help shine a light on the universal complications of defending IT and OT environments, but also on the importance of having such conversations in the light of day. Proactive measures and universal support need to be a priority in order to accurately respond to the evolving regulatory and business continuity efforts that surround industrial cybersecurity. Joining us to discuss these and other topics is Karan Sondhi, Trellix's Chief Technology Officer. Trellix is a leading provider of Extended Detection and Response strategies. To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
Title: Episode 54 - XDR Deep Dive with Matt Robertson and Aaron Woland Hosts Bryan and Tom return with a fascinating exploration of Extended Detection and Response (XDR) in this latest episode of Conf T with your SE. We kick things off with a fundamental question - What is XDR? Our guests, security experts Matt Robertson and Aaron Woland, provide an insightful overview and outline the pressing need for XDR in today's security landscape. The discussion then veers towards understanding the key differences between XDR and SecureX, another well-known security platform. Our hosts dig into the integration of tools like Cisco Threat Response and Orchestration built into SecureX, illuminating how XDR ups the ante by bringing detection into the tool, instead of merely relying on individual security products. Robertson and Woland emphasize the importance of an open XDR platform - one that seamlessly integrates with other vendors outside of Cisco. They detail the significant role of built-in analytics in bolstering security efficacy. Addressing the limitations of Endpoint Detection and Response (EDR), the experts cite the fact that EDR can only reach about 30% of a company's assets and explain why XDR's broader scope is critical in the current context. We then delve into comparisons with Security Information and Event Management (SIEM) systems. Are they the same as XDR? Or, perhaps more pertinently, is a SIEM system enough? Lastly, the conversation steers towards the operational aspects of XDR, specifically how it can confirm, prioritize, and walk through an incident - an essential aspect of any robust cybersecurity framework. Tune in to this gripping episode to deepen your understanding of XDR and why it's vital in today's digital landscape.
Cybercrime Magazine caught up with Steve Snyder, Director of Portfolio Marketing, at the RSA Conference 2023 in San Francisco. Listen and learn the latest from Secureworks. Secureworks Taegis™ offers managed threat prevention, detection, and response (MDR) with the best overall value. Together, we'll stop cyberattacks faster and more efficiently with Extended Detection and Response (XDR). • For more on cybersecurity, visit us at https://cybersecurityventures.com
John Moretti, Principal Solutions Architect, and Mike Sci, Senior Channel Solutions Architect, have become the go-tos when our channel partners have questions or need advice. In this Office Hours episode, John and Mike answer some of the most common questions e3 Ecosystem partners have when it comes to Managed Detection and Response (MDR) versus Extended Detection and Response (XDR). Topics include: The difference between MDR vs. XDR; How partners can identify eSentire MDR opportunities; How eSentire addresses an organization's overall risk --- Take the Next Step with eSentire's e3 Partner Ecosystem. Our e3 ecosystem provides sophisticated cybersecurity solutions for MSSPs, MSPs, and VARs. The e3 ecosystem simplifies security sales and delivers immediate value to your end customers. With eSentire, your customers can start building a more responsive cybersecurity service today. Interested in becoming an e3 channel partner with eSentire? Apply here. --- Have a question you want John and Mike to answer in the next Office Hours episode? Reach out to us: hello@esentire.com --- About Cyber Talks From ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges. About eSentire eSentire is The Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company's mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale.
The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire's Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com
Formed from the amalgam of FireEye and McAfee Enterprise, Trellix is one of the world's biggest suppliers of cybersecurity technology, serving a decent proportion of the Fortune 500 list of companies. On this episode of the Tech Means Business podcast, we're joined by old friend Daryush Ashjari to talk about the new company's offerings, especially its XDR (eXtended detection and response) capabilities. As companies struggle to juggle multiple security tools and have separate detection and remediation systems, sometimes it's enough just to keep from going under a deluge of red flags from different parts of the cybersecurity stack. XDR offers organizations a single place where SecOps can get full oversight of all parts of the enterprise's networks, from the smallest SoC up to powerhouse VMs in distant clouds. This is total insight presented to time- and resource-poor cybersecurity teams. Bringing years of experience to what's now called Trellix, Daryush helps us shed some light on the problems facing many security teams in the face of increased state-sponsored hackers, as well as the usual collection of avaricious cybercriminals preying on the internet's low-hanging fruit. If you suspect your IT security is lacking, or you're struggling to recruit enough skilled cyber staff to discover and remediate threats, Trellix may well have the answer.
You can learn more about XDR, the theory, and practice here: https://www.trellix.com/en-us/about/why-trellix.html
Read the latest threat report: https://www.trellix.com/en-us/threat-center/threat-reports/apr-2022.html
Trellix virtual events: https://trellixxpanddigital2022.virtualevents-hub.com/
Daryush Ashjari's LinkedIn is here: https://www.linkedin.com/in/daryush-ashjari-6857641/
And Joe "Wicked Panda" Green is here: https://www.linkedin.com/in/josephedwardgreen/
Since there's been a lot of discussion and debate about Extended Detection and Response (XDR) at the moment, we thought we would bring on two experts to talk about it. Enric Cuixeres is a Cisco Secure customer who has implemented an XDR strategy within his organization, Leng D'Or. Our other expert is former US Army CID special agent and computer forensic examiner Jessica Bair. Jessica is the Director of Technical Alliances at Cisco, and has been helping many of our customers with their XDR strategies. We discuss the practical implications of implementing XDR, as told by people who have been there and done it – and also what benefits it will really bring, including how it can help overburdened security staff. For more on this topic, take a look at our ebook "Extended Detection and Response for Dummies." Learn more about the Cisco Gateway community as mentioned in the episode. Before that, Lindsey O'Donnell Welch, executive editor of Decipher, is back with us for the second week in a row. Lindsey discusses the just-announced Cyber Safety Review Board and its role in assessing “significant cybersecurity events”. For more information about this, check out Decipher's report. And finally, you can view the on-demand broadcast "Defending Against Critical Threats" in which six experts from across Cisco Secure came together to analyze what's been happening in the realms of ransomware, supply chain attacks, vulnerabilities, log4j, Emotet and the rise in macOS malware.
Cloud Security News this week 26 Jan 2022
Early December on Cloud Security News, we shared that Symphony Technology Group had acquired McAfee for 4 billion along with FireEye for 1.2 billion. The merger of these two companies has now formed Trellix, which aims to be a leader in extended detection and response (XDR). In their blog post, Trellix shared that "Customers can expect Trellix's living security platform to deliver bold innovation across the XDR market" - "with automation, machine learning, extensible architecture, and threat intelligence." You can find out more about Trellix and read their blog post here, and let us know whether you are excited about this merger. Orca Security is back in the news this week, not for their funding round or their vulnerability findings in AWS: they have made their first acquisition, RapidSec, an Israeli cybersecurity startup that protects web applications from client-side attacks. RapidSec's software allows for detection of web-application misconfigurations and deviations from best practices. Orca has indicated that it plans to integrate these web services and API security technologies into its agentless cloud security platform. You can read more about this acquisition here. Cloud security firm Polar Security has emerged from stealth with $8.5 million in seed funding. They are a Tel Aviv, Israel-based cloud security company that aims to provide visibility into companies' cloud data storage to allow security teams to secure the data and avoid compliance problems. You can find out more about them here. Hunters.ai announced that it has raised a $68 million Series C round, bringing their total funding to date to $118 million. Hunters share in their blog that "Never before has it been more lucrative to be a cyber criminal" and "On the defenders' side, we see organizations struggling to keep pace. As technology advances and more tools are being used, the attack surface grows and the number of security products used by these organizations increases." This is where Hunters.ai believes they can help, with their Extended Detection and Response (XDR) platform used by Security Operations Center (SOC) teams to detect, investigate and stop threats. You can find out more about them here.
In this episode I had a chance to talk with Israel Barak about a listener-submitted topic, 'How do I prepare for a ransomware attack?'. Israel is the CISO for Cybereason and has intricate knowledge of ransomware and cybersecurity dating back to his days in the Israeli Defense Force. Using his extensive knowledge, we talked through his concept of having different security 'pillars' to help navigate the lifecycle of ransomware:
Security Hygiene - Checklists are in security hygiene - you don't build a program around ransomware
People - Executive Leadership (how to educate exec leadership), Awareness (do you know what to do when you have already clicked), Security People (surgery example)
Recovery - How do you plan for a recovery process
Insurance - Do you really need it, do you trust it with your CFO
Episode Sponsor: This episode is sponsored by Cybereason. Cybereason is an eXtended Detection and Response solution company with global headquarters based out of Boston, Massachusetts. Proceeds from the sponsorship fee will be going towards a local Youth Mental Health program that is happening in 2022.
TechSpective Podcast Episode 082 There is a steady evolution and progress of security in response to an ongoing game of cat and mouse with cyber attackers. As attackers adapt and innovate new tools and techniques, the way we approach cybersecurity has to change as well–both strategically and tactically. Extended Detection and Response–or XDR–seems to be [...] The post Anton Chuvakin Talks about XDR (Extended Detection and Response) appeared first on TechSpective.
In this edition of the Soap Box podcast we're chatting with Jake King. Jake is a co-founder of Cmd Security, a Linux security startup that was recently acquired by Elastic. Cmd's technology basically started out as a control and visibility tool for Linux systems that could restrict user actions. But over time, the product evolved to be more detection and response oriented. In this interview we talk to Jake about why Cmd wound up where it is, product-wise, and what customers can expect now that his company has been swept up by Elastic as part of its broader push into XDR, or Extended Detection and Response.
I caught up with Rupesh Chokshi, Vice President of AT&T Cybersecurity at AT&T Business, to get a preview of his two presentations for the upcoming 2021 AT&T Business "Business Summit", titled "Reinventing Reality". AT&T Business is hosting its annual Business Summit in a virtual format this year, on October 27th & 28th, 2021, in the American Central Time (CT) time zone. Registration is free! There's a link below to register. Featured speakers this year include:
+ Anne Chow, Chief Executive Officer of AT&T Business
+ Indra Nooyi, former Chairman & CEO of PepsiCo
+ Shaquille O'Neal, American basketball star & philanthropist
+ Over 60 sessions across the two days.
Rupesh is actually presenting two talks this year, which are titled:
1. The Age of Cybersecurity: + Connecting and protecting your business in a digital world + scheduled for October 28 at 11am CT
2. Cybersecurity and Edge Networking: + Delivering the next level of enterprise protection + scheduled for October 28 at 2pm CT
Without giving away too many secrets (which, given his role, is something he's naturally good at, keeping secrets that is), Rupesh was able to share a taste of what we can look forward to at the event. Rupesh also shared some very powerful insights into what Rupesh and his team within the AT&T Business "AT&T Cybersecurity" division offer their customers. There is so much you'll be able to take away from this fireside conversation in this episode of our podcast Conversations with Dez, both on the two talks Rupesh is presenting, but also broadly across the current trends and challenges organisations of all shapes and sizes are facing, and how AT&T Cybersecurity is helping those organisations address those challenges. A brief summary of what Rupesh and I discuss includes the following key topics:
1. Changes and trends in cybersecurity
+ Hybrid Work
+ Multi-Cloud Adoption
+ Security and Network Convergence
+ 5G, IoT, and Edge
+ Pervasive security fabric
+ End-to-end protection of users
+ Protection of devices, networks, apps, and data
2. AT&T's vision for cybersecurity and edge
+ Customer Edge - Software Defined, IoT Driven
+ Network(s) - Intelligent, High Speed
+ Cloud Ecosystem(s) - Multi-cloud, Distributed
+ Embedded Pervasive Security Fabric - Customer Edge, Network
+ End to end protection of users, devices, networks, applications & data
+ Identity / Endpoint, Advanced 5G Security, CDN / DDoS
+ Secure Access Service Edge (SASE), Extended Detection & Response
+ Importance of the Culture of Cybersecurity
+ Security is not an IT and technology issue, it's a business issue
+ Connected economy and business continuity being under threat
+ Digital trust
+ The Culture of Cybersecurity is a shared responsibility
3. New AT&T capabilities in the market
+ Comprehensive view of security is key
+ Successful adoption of SD-WAN
+ Shifting focus to SASE
+ Protecting endpoints with XDR solution
4. Example use cases from IoT, Enterprise & Data Centres, Infrastructure & Healthcare
+ Securing Industrial IoT
+ Zero Trust access with security support for industrial systems
+ Enabling the future of healthcare
+ Resilient, low-latency network with centralised security management
+ Protecting Your Company
+ End-to-end protection of Devices, Networks and Data, Proactive remediation of Ransomware and DDoS
For the full conversation and so many amazing insights, and key actionable takeaways for any organisation facing the challenge of wrapping up the year that is 2021 and facing the unknowns of what the new year in 2022 will bring, you'll want to push PLAY now and tune into the full discussion. Register for the AT&T Business Summit here => https://bit.ly/attbizsummit2021linkedin Add both of the talks Rupesh is presenting to your calendars.
This podcast was made in partnership with AT&T Business. For more information about AT&T Cybersecurity, please visit: https://bit.ly/att-cybersecurity #attinfluencer #sponsored
Cloud Security News this week 20 October 2021
Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise, which will enable identity- and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. They also claim to be making it easier for admins to diagnose access failures, triage events, and unblock users with the new Policy Troubleshooter feature. Google also announced a new collaboration with Cybereason to deliver a cloud-native Extended Detection and Response (XDR) solution spanning endpoints, networks, cloud and workspaces. The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enable arguably faster threat hunting. They are also enhancing the integration between Chronicle (a SaaS SIEM built on core Google infrastructure that provides security analytics at speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and to enable threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities. Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention), which is in preview, and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products. Google launched a new Build Integrity feature for Cloud Build which automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters. For Google Workspace they have also introduced new security features. Episode Show Notes on Cloud Security Podcast Website.
Identity Detection and Response (IDR) is a new security category that focuses on protecting credentials, privileges, cloud entitlements, and the systems that manage them across endpoints, Active Directory, and the cloud through visibility and early detection of attacks targeting identities. Attackers consider enterprise identities as high-value targets and attempt to compromise them early in the attack to access the network and gain privileges to essential production assets. Current identity security focuses on safeguarding privileged credentials in PAM solutions or securing the authentication process with MFA and IAM solutions, but these measures leave gaps that attackers can exploit. While current security solutions like Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and others provide specific functions for defending the network, they do not focus on identities. EDR focuses on preventing the initial compromise, while XDR and NDR try to detect attacks as they expand from the beachhead. Attacks targeting enterprise identities can evade detection by these security controls, but IDR solutions can bridge these detection gaps to identify such attacks. Join Joseph Salazar from Attivo Networks as he discusses the importance of IDR to modern enterprise security.
Segment Resources:
https://attivonetworks.com/documentation/Attivo_Networks-Identity_Detection_Response.pdf
https://attivonetworks.com/what-is-identity-detection-and-response-idr/
https://attivonetworks.com/solutions/identity-security/
This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw244
Way back in Episode 3, we talked about how Extended Detection and Response (aka XDR) finds and fixes security issues across your environment – from endpoints and servers to networks and cloud infrastructure. To get this kind of end-to-end protection, many XDR vendors rip and replace your existing – often expensive – security tools with their own. But there's a way to avoid forklift upgrades and vendor lock-in. In this episode of Cybersecurity Simplified, we'll show you how to unlock end-to-end security with Open XDR.
PhoneBoy talks with Check Point Product Manager Yoni Nave about Check Point's upcoming Extended Detection and Response (XDR) offering which will also incorporate some Managed Detection and Response (MDR) elements if you need it.
If you like extended detection and response (XDR) solutions, you'll probably like extra extra extended detection and response solutions even more. You'll also probably enjoy hearing Matt, Rich, and guest host Bruce McCully, of Galactic Advisors, discuss the new XDR technologies from Sophos, the new file sync and share software from Acronis, and the new reporting and billing reconciliation software from ConnectWise. Want more to like? There's also a conversation with George Hope, Hewlett Packard Enterprise's worldwide channel chief, and a chat about Bruce's recently published book, Level Up: The Ultimate MSP Roadmap For Security, Operations And Profitability. Just don't search "XXXDR" on Google, unless you're prepared for some results you might NOT like.
Subscribe to ChannelPro Weekly!
iTunes: https://itunes.apple.com/us/podcast/channelpro-weekly-podcast/id1095568582?mt=2
Google Play Podcasts: https://play.google.com/music/m/Igodza5l63vd5w5mdybtpq2cr7e?t=ChannelPro_Weekly_Podcast
Spotify: https://open.spotify.com/show/7hWuOWbrIcwtrK6UJLSHvU
Amazon Music: https://music.amazon.com/podcasts/a1d93194-a5f3-46d8-b625-abdc0ba032f1/ChannelPro-Weekly-Podcast
More here: https://www.channelpronetwork.com/download/podcast/channelpro-weekly-podcast-episode-194-xxxdr
Topics and Related Links Mentioned:
Level Up: The Ultimate MSP Roadmap For Security, Operations And Profitability - https://www.amazon.com/Level-Up-Ultimate-Operations-Profitability/dp/B097SPL6LY
Biggest Zero-Trust Hurdle: Getting People To Listen - https://www.channelpronetwork.com/article/biggest-zero-trust-hurdle-getting-people-listen
Sophos is Rapidly Extending its eXtended Detection and Response Platform - https://www.channelpronetwork.com/news/sophos-rapidly-extending-its-extended-detection-and-response-platform
Acronis Adds Advanced File Sync and Share Pack to Cyber Protect Cloud - https://www.channelpronetwork.com/news/acronis-adds-advanced-file-sync-and-share-pack-cyber-protect-cloud
ConnectWise Announces Lightweight Reporting and Cloud Billing Reconciliation Tools - https://www.channelpronetwork.com/news/connectwise-announces-lightweight-reporting-and-cloud-billing-reconciliation-tools
Security's Achilles' Heel: VPN Vulnerabilities - https://www.channelpronetwork.com/article/security-s-achilles-heel-vpn-vulnerabilities
Bruce's Museum Pick: Hak5 WiFi Pineapple TETRA
Matt's Tech Pick: Hak5 WiFi Pineapple Mark VII Tactical - https://shop.hak5.org/products/wifi-pineapple?variant=32019576094833
Rich's ICYMI plug and quickie preview of the week ahead - https://www.channelpronetwork.com/tags/icymi
PhoneBoy talks with Product Manager Yoni Nave about the evolution from Endpoint Detection and Response (EDR) to Extended Detection and Response (XDR).