Edition 54 | Page 18
step forward. www.AmericanSecurityToday.com April 2021 - Edition 54
What Does the Traditional Security Stack Include?
Medium-to-large organizations commonly rely on the following tools to defend against cyber threats:
• Firewall — a defensive measure deployed at the network edge. It allows the organization to apply rules that filter out harmful or unwanted traffic, limit the quantity of allowed traffic, and report on traffic anomalies.
• Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS) — intercept all network traffic and either detect threats or actively block suspected malicious traffic.
• User and Event Behavior Analysis (UEBA) — collects information about user activity, identifies behavioral baselines, and looks for deviations from these baselines that might signify a security incident.
• Endpoint Detection and Response (EDR) — deployed on endpoint devices like employee workstations and servers, allowing security staff to identify breaches occurring on endpoints, investigate them and take immediate action to stop them.
• CSPM (Cloud Security Posture Management) — CSPM is used to analyze cloud resources, detect configuration and security issues, and provide repair recommendations and guidance.
• Security Incident and Event Management (SIEM) — allows organizations to capture and