SOAPA Interview With Sam Curry of Cybereason, Part 2 (Video)

Old friend and Cybereason CSO Sam Curry and I got together (virtually) to chat about all things SOAPA. In part 2 of our video, we focus on:

  • This newish thing called XDR. My colleague Dave Gruber and I are all over XDR as analysts, so I asked Sam for his thoughts. Sam thinks of XDR as taking EDR to the next level. He even broke down the acronym stating that the X signified telemetry independence. The “D” in XDR is somewhat overstated, Sam is really focused on the importance of the R, response, as security is about blocking (not finding) the bad guys. In the end, XDR should be a force multiplier for the cybersecurity staff.
Topics: Cybersecurity SOAPA

SOAPA Interview With Sam Curry of Cybereason, Part 1 (Video)

I’ve known Cybereason CSO, Sam Curry for years, so it was a pleasure to lure him to ESG’s virtual studio for a SOAPA video. In part 1 of our 2-part series, Sam and I discuss:

  • Why EDR? Sam describes how, unlike SIEM, EDR is designed for one specific purpose – finding the bad guys. The best EDR solutions identify signals in all the noise, alert humans about malicious activities, and make it easy for them to take action.
Topics: Cybersecurity SOAPA

SOAPA Discussion On EDR and XDR With Jon Oltsik and Dave Gruber (Video), Part 3

My colleague Dave Gruber is such a great guest that I invited him back for an unparalleled SOAPA video part 3. In our final installment, Dave and I talk about:

Topics: Cybersecurity SOAPA

SOAPA Discussion On EDR and XDR with Jon Oltsik and Dave Gruber (Video) Part 2

In part 2 of our SOAPA video, I welcome back my astute colleague, Dave Gruber. The conversation turns to XDR, a market segment that Dave and I collaborate on. I ask Dave about:

  • The definition of XDR. It’s a nebulous industry term but Dave nails it by explaining that XDR is a method for bringing controls together to improve security telemetry collection, correlation, contextualization, and analytics. There’s also an operational side of XDR to help coordinate response and remediation across multiple controls simultaneously.
Topics: Cybersecurity SOAPA XDR

SOAPA Discussion on EDR and XDR With Jon Oltsik and Dave Gruber (Video) Part 1

The SOAPA video series has featured a series of prolific industry beacons representing leading security operations technology vendors. That will continue, but I thought I’d shake up the format a bit by inviting my colleague and friend, Dave Gruber, to participate. 

Topics: Cybersecurity SOAPA XDR

SOAPA Interview With Hugh Njemanze of Anomali, Part 2

It’s great to be back with the SOAPA video series, albeit in a remote format. Nevertheless, I was excited to interview Hugh Njemanze, CEO of Anomali, a leading threat intelligence platform (TIP). In part 2 of our video, Hugh and I yak about:

Topics: Cybersecurity SOAPA

SOAPA Interview With Hugh Njemanze of Anomali, Part 1

The SOAPA video series is back! In this global pandemic edition, I speak with Hugh Njemanze, CEO of Anomali, a leading threat intelligence platform (TIP). In part 1 of my chat with Hugh, we discuss:

  • Security operations difficulties. ESG research indicates that 63% of organizations claim that security operations are more difficult than they were 2 years ago. Hugh agrees and believes these difficulties are related to the breadth of tools and practices that are creating visibility and process gaps.
Topics: Cybersecurity SOAPA

Big Changes Coming to Cybersecurity Technology

As 2019 winds down, security analysts like me tend to compile a list of industry predictions. I’m still working on a comprehensive list, but I’m extremely confident that we are about to see some unprecedented changes in enterprise security technology. These changes are already happening behind the scenes, but they will become much more visible in 2020 and beyond.

Topics: Cybersecurity SOAPA

Toward Continuous Automated Penetration and Attack Testing (CAPAT)

According to ESG research, 73% of security professionals say that cyber-risk management is more difficult at their organization today than it was 2 years ago. Why? Survey respondents point to things like the growing attack surface, the rising number of software vulnerabilities, and the increasing technical prowess of cyber-adversaries. 

Topics: Cybersecurity SOAPA

SOAPA versus SOAR

I first came up with the SOAPA concept in late 2016. Here’s the blog I wrote in November of that year describing the architecture and its rationale. 

Topics: Cybersecurity SOAPA SOAR