SANS Webinar w/ Anton Chuvakin & Randy Watkins: “Demystifying SIEM, EDR, XDR & MDR”
REGISTER: Register on the SANS website here (you must create a free SANS account to register).
CISOs and security practitioners are now being bombarded by new acronyms such as XDR, which seem to overlap with “older” acronyms like EDR, SIEM, and MDR.
According to Gartner, XDR is mainly attractive to smaller security organizations that don’t currently have a SIEM, and it will likely not displace SIEM functionality in large and mature security operations. And according to Forrester, XDR is grounded in EDR and also on a collision course with SIEM and SOAR.
In this thought-provoking webinar, we’ll explore (and perhaps debate) questions such as:
- If I have a SIEM and EDR, do I need XDR? Is XDR a better EDR or a new SIEM?
- If SIEM is foundational to my SOC, should I be sending all my EDR alerts to the SIEM?
- How might XDR address traditional SIEM challenges such as data complexity, event normalization, too much noise versus false negatives, etc.?
- Where should I send my cloud security monitoring alerts? Does XDR work in the cloud?
- Is MDR about managed services related to EDR? What about Managed XDR?
- Does XDR take less headcount to manage and operate than standalone EDR and SIEM?
- Should I map my MITRE ATT&CK coverage across SIEM, EDR, XDR? How?
WHEN: Tuesday, July 19, 2022 at 3:30pm ET.
Dr. Anton Chuvakin, Head of Security Strategy, Google Cloud
Randy Watkins, CTO, Critical Start