As security professionals, it’s our obligation to educate. This is why I have invited digital forensics and incident response expert Tony Giandomenico from Fortinet to discuss all things detection and response.

Time is of the essence when responding to modern threats. Threat actors are focusing on time, which is why endpoint detection and response must act quickly to mitigate the threat. On this episode of Always On, Tony G. and I discuss endpoint detection and response and getting beyond the next level of context. Are you ready to find a more modern endpoint strategy? Check out this interview to learn more.

You will want to hear this episode if you are interested in…

  • Endpoint protection posture approach and strategy [2:12]
  • Getting that level of context beyond the endpoint [8:20]
  • The differences between MSSP and MDR [16:42]
  • Success stories [26:05]
  • Finding a more modern endpoint strategy [30:09]

Endpoint detection and response is the next layer of security

What challenges are customers facing with their endpoint protection posture approach? What strategies can we use to protect the human and the endpoint?

Customers are often baffled by malware attacks. They want to know why their legacy antivirus wasn’t able to protect them. They often don’t know that these programs don’t offer the level of protection that they need. Endpoint detection and response (EDR) is what organizations need as the next layer of security to be able to keep up with advanced threats. There is a big difference between legacy antivirus and EDR technology, and many organizations have not adopted EDR even though it has been around for a while.

Malware can hide, but it’s got to run too

Malware can hide, but eventually it’s got to run. That’s when exposure happens: when it runs on the endpoint, it exposes itself. Unfortunately, by the time the victim sees the warning, the entire data center is compromised. This is why it is important to get the alerts proactively. With proactive alerts, organizations can mitigate the threat. That is what modern EDR tools do.

Time is of the essence

Alerts are great, but often the user doesn’t know what action to take. A much better way to take charge is to get an automated response along with the alert. The faster you can mitigate the risk, the less impact the security incident will have on the organization.

In the past, we didn’t trust the technology enough to let it take action. But now we know that it can give us reliable information. This automated response can give us the contextual information and situational awareness so that we can know the vulnerabilities. This allows the security team to make more informed decisions.

Learn more about modern endpoint strategy and how to get that level of context beyond the endpoint by listening to this interview with digital forensics and incident response expert, Anthony Giandomenico.
