EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud
Description
Guest:
-
Arie Zilberstein, CEO and Co-Founder at Gem Security
Topics:
-
How does Cloud Detection and Response (CDR) differ from traditional, on-premises detection and response?
-
What are the key challenges of cloud detection and response?
-
Often we lift and shift our teams to Cloud, and not always for bad reasons, so what’s your advice on how to teach the old dogs new tricks: “on-premise-trained” D&R teams and cloud D&R?
-
What is this new CIRA thing that Gartner just cooked up? Should CIRA exist as a separate market or technology or is this just a slice of CDR or even SIEM perhaps?
-
What do you tell people who say that “SIEM is their CDR”?
-
What are the key roles and responsibilities of the CDR team? How is the cloud D&R process related to DevOps and cloud-style IT processes?
Resources:
-
EP98 How to Cloud IR or Why Attackers Become Cloud Native Faster?
-
EP103 Security Incident Response and Public Cloud - Exploring with Mandiant
-
EP76 Powering Secure SaaS … But Not with CASB? Cloud Detection and Response?
-
9 Megatrends drive cloud adoption—and improve security for all
-
“Emerging Tech: Security — Cloud Investigation and Response Automation (CIRA) Offers Transformation Opportunities” (Gartner access required)
-
“Does the World Need Cloud Detection and Response (CDR)?” blog
United States
