CyberWire Daily

The current state of XDR: A Rick-the-toolman episode.

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.61K Ratings

🗓️ 17 June 2024

⏱️ 19 minutes

Summary

Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of “eXtended Detection and Response” (XDR) with CyberWire Hash Table guests Rick Doten, Centene’s VP of Security, and Milad Aslaner, SentinelOne’s XDR Product Manager.

References:

Alexandra Aguiar, 2023. Key Trends from the 2023 Hype Cycle for Security Operations [Gartner Hype Cycle Chart]. Noetic Cyber.
Daniel Suarez, 2006. Daemon [Book]. Goodreads.
Dave Crocker, 2020. Who Invented Email, Email History, How Email Was Invented [Website]. LivingInternet.
Eric Hutchins, Michael Cloppert, Rohan Amin, 2010. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [Paper]. Lockheed Martin Corporation.
Jon Ramsey, Mark Ryland, 2022. AWS co-announces release of the Open Cybersecurity Schema Framework (OCSF) project [Press Release]. Amazon Web Services.
Nir Zuk, 2018. Palo Alto Networks Ignite USA ’18 Keynote [Presentation]. YouTube.
Raffael Marty, 2021. A Log Management History Lesson – From syslogd(8) to XDR [YouTube Video]. YouTube.
Raffael Marty, 2021. A history lesson on security logging, from syslogd to XDR [Essay]. VentureBeat.
Rick Howard, 2020. Daemon [Podcast]. Word Notes.
Rick Howard, 2021. XDR: from the Rick the Toolman Series [Podcast and Essay]. CSO Perspectives, The CyberWire.
Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
Staff, n.d. Open Cybersecurity Schema Framework [Standard]. GitHub.
Staff, 2019. What is EDR? Endpoint Detection & Response Defined [Explainer]. CrowdStrike.
Staff, 2020. Log Formats – a (Mostly) Complete Guide [Explainer]. Graylog.
Stephen Watts, 2023. Common Event Format (CEF): An Introduction [Explainer]. Splunk.
Thomas Lintemuth, Peter Firstbrook, Ayelet Heyman, Craig Lawson, Jeremy D’Hoinne, 2023. Market Guide for Extended Detection and Response [Essay]. Gartner.

Transcript

0:00.0

You're listening to the CyberWire Network, powered by N2K.

0:07.0

When it comes to ensuring your company has top-notch security practices, things can get complicated fast.

0:21.0

Vanta automates compliance for SOC2, ISO 2701, HIPAA and more, saving you time and money.

0:29.7

With Vanta you can streamline security reviews by automating questionnaires and

0:34.2

demonstrating your security posture with a customer-facing trust center.

0:38.4

Over 7,000 global companies like Atlassian, Flow Health, and Quora use Vanta to manage risk and prove security

0:46.5

in real time.

0:48.4

Our listeners can claim a special offer of $1,000 off Vanta at vanta.com slash cyber.

0:55.8

That's VANTA.com slash cyber for $1,000 off Vanta.

1:05.0

In the early days of this podcast back in 2021,

1:12.0

we published a Rick the Toolman love letter to this newfangled security tool

1:16.2

called XDR.

1:21.4

You might have heard about it. The acronym stands for extended detection and response,

1:26.0

and I was gushing about how this tool might transform the modern-day security architecture. Back then, Gartner placed XDR at the beginning of the journey on its famous hype chart,

1:40.0

just starting to climb the peak of inflated expectations and I was jumping on the

1:44.4

bandwagon to help inflate the hype. Two years later, July 2023,

1:48.8

Gartner placed XDR on the back end of the peak just starting the steep roller coaster ride down toward the

1:55.5

trough of disillusionment and forecasted five to ten years before it reaches the plateau of productivity.

2:03.0

Since this is the time typically when security pros start to lose faith in a product

2:06.9

idea, because the hype surrounding it hasn't matched existing products, I thought it was time

2:12.0

to revisit the current state of

...

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
