Cyber Talk with Elastic
Speaker: Mr. John Harmon, Vice President of Security
As cyber threats escalate, security teams have deployed a number of tools to protect critical enterprise data. Anti-Virus (AV) was developed to stop malware and exploits from gaining access to endpoints. Endpoint Detection and Response (EDR) was developed to give more insight into endpoint events. SIEM was created to combine alerts, telemetry, and logs to give analysts a central security dashboard. Recently, industry consolidation merged many of these technologies into one unified solution called eXtended Detection and Response (XDR). This talk will describe how XDR gives users the ability to protect the enterprise from the latest threats on endpoints, gives local Defensive Cyber Operations (DCO) specialists the ability to run advanced analytics on network and endpoint telemetry, and even gives strategic
stakeholders the ability to answer the question “are we good?”.
