Intelligent CISO Issue 38 | Page 43

Organisations need a new approach to threat detection and response.
EXPERT OPINION
As soon as an attack is identified and understood at a macro level, the ideal XDR solution should automatically deploy remediation actions; or at least, it should have the ability to guide you through the best response.
For example, kill a process, block a user, quarantine an asset or remote shell, all of which can be accomplished remotely with one simple click. In short, seek solutions that offer flexible options and automation that aligns with your security workflows.
With a strong XDR solution, we, the defenders, can regain the upper hand with the ability to detect, correlate and stop attacks in real time, even across complex, ever-evolving enterprise environments. Unlike SIEM or log management tools, XDR promises an experience focused on security value: better detection, easier investigation, faster response. Defeating an adversary that can weave between data silos and understands detection alerts requires an operation-centric approach. Implementing an XDR solution means faster detection, which means faster remediation, thereby ending attacks before they become breach events.