As adversaries changed their view of an attack to include vectors across an organization, defenders have had to evolve their approach as well. This is best captured by Mark Harris from Gartner who observed that adversaries have shifted their focus of attacks from infecting files to infecting systems and now to infecting the entire enterprise. Previously, I talked about how this has impacted our approach to threat detection. It is no longer just about finding the one control point or system where the attack is being triggered. Multiple points across the enterprise are involved so you need to be able to connect the dots for a comprehensive understanding of the threat you are facing and know what you must defend. This is why Extended Detection and Response (XDR) is generating great interest right now.
- Dealing With the Carcinization of Security 02/02/2023
- Automating SOC Operations: Tips for Embarking on an XDR Journey 01/31/2023
- Effectively meeting and exceeding the requirements of the SAMA Cyber Threat Intelligence Principles 01/24/2023
- Here’s What ThreatQuotient’s Crystal Ball Says for 2023 01/17/2023
- SANS CyberThreat: an inside track on Europe’s premier cyber security conference 01/13/2023
ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.