Let’s assume there is a market that doesn’t really exist and call it the cloud detection and response (CDR) market. Please note that defining markets is no longer part of my job description. I’m just doing it here for fun (yes, people really like weird stuff!).
CDR is a type of security tool that primarily focuses on detecting, verifying, and investigating suspicious activity and other security issues in multiple public cloud environments, including but not limited to IaaS, PaaS, and SaaS. . So let’s define CDR as a type of security tool that is primarily focused on doing these things. As you can see, I’ve pulled some concepts from the first version of my EDR definition to make some useful connections between the two. However, contrary to popular belief, a friday night funkin unblocked games 911 isn’t just someone else’s computer:
Some Questions Are As Follows:
Available?
Should There Be A Market For It?
Should there be such a thing as a tech space somewhere (not every tech space has a market, e.g. anti-spam obviously still exists, but obviously no market for anti-spam tools)
Naturally, All Of Life’s Tough Questions Can Be Answered In A Twitter Poll… So Here’s A Related Question:
One of the answers, in particular, stood out to me among the rest: “There should be a CDR function because public cloud has quite a different deployment and collection from place to place lerner and rowe net worth. ” This, in my opinion, is the strongest argument in favor of the existence of CDRs, either as a market or as a technical capability. Now, let’s think a little more, specifically using experiences from RSA 2022.
For starters, I’m willing to bet that no one will question the need for risk assessments on public cloud systems and incident investigations in these environments. So the challenges are quite serious, mdcloud, and consequently, a necessity.
Second, a hypothetical CDR tool would need to be able to perform its own threat detection, prioritize alerts to analysts, support incident investigation workflows, and potentially at least some response. Automation will be required. However, there are already technologies that are capable of doing all of these things, although possibly not simultaneously and not with a particular emphasis on the cloud. Naturally, a SIEM, regardless of whether it is cloud-native or not, can provide threat detection in the cloud as well as alerts and classification of investigations based on logs provided by cloud providers. . A SOAR can automate responses. Similarly, broad cloud security companies (including all CWPPs and CNAPs) claim that they will “protect your cloud,” which often includes threat detection.
Now The Question Is Whether We Need CDR Or Not. I Can See Three Different Ways:
CDR must be a real thing, either as a technology or as a market: the cloud is a new arena for risk detection, and as a result, existing tools and methodologies are not adequate. So we need new technologies that work well in cloud ice.
CDR should be recognized as a technology, but not as a separate market. CDR capabilities will be provided by cloud providers as well as cloud security providers in general. There is no doubt that we need new technological capabilities.
CDR shouldn’t exist, the problem is real, but it’s fixed elsewhere: the cloud is just a means of telemetry. And existing technologies and providers, as well as cloud service providers, will take care of this problem. .
Also, at RSA 2022, I looked at companies like Cado and Mitiga, among others. And noted that focusing on friday night funkin unblocked games 911 event response requires tools that are quite diverse. (A podcast on how we do it here. Ditto). Assessing the “R” in CDR is perhaps the most difficult part. Because the use of SIEM and SOAR in this context is limited, and standard forensic tools. And EDRs can only be used on virtual computers. However, the “R” in CDR is probably the most important part of CDR (up to a point). In my opinion, this gives CDRs more justification for their efforts.
Finally, here’s my prediction: I’ll go with option 2 because I think we’ll have “CDR technology”. In the future, a toolkit that’s suitable for Boba D&R shops near me in the public cloud. ( created by both vendors and independent vendors), but we probably won’t have a separate market for it. Because we already have enough long acronyms starting with “C”. What reason do I have to believe this? I think performing D&R in the cloud with a) pre-cloud technologies and/or b). Cloud tools that aren’t focused on D&R will be disruptive enough that enough people call for the creation of a new c a category. If not an entirely new market. .
Agree Or Disagree?
PS I initially found the phrase CDR in a Sift Security message around 2017. This term was not coined by me. And here’s the term Here’s a quick overview of current usage. (eg, example for SaaS, example by NDR, example by MDR. Example by an extensive friday night funkin unblocked games 911 security stack, etc.)
For more information, please visit sbxhrl.
