How can technology providers help network incident responders the most?

0360804@gmail.com by [email protected]
March 16, 2022
in Technology

Providers must step up their game to give customers data, tools, attention, and knowledge at the time they are most needed. In a world where most major enterprises are concerned about public breaches, technology suppliers must take the time to listen to and understand their customers’ problems in order to help them find the best solution. Vendors have access to the most modern cloud compute, storage, and search technologies, as well as visibility into attacks affecting a large number of customers and knowledge of successful protection strategies. SOC teams, on the other hand, rarely benefit from these resources.
Data scarcity: a look back in time and vendors
It’s a well-known fact that threats may go undetected for a long period: up to 280 days, according to an IBM study. Why, then, do SaaS NDR companies only provide lookback periods of 30, 60, or even 90 days? Given that the cloud provides essentially endless storage, shouldn’t historical lookback at least equal the duration of threats?
Consider the following example:
• February 20, 2020: a SolarWinds Orion Platform DLL is used to construct and launch the SUNBURST attack.
• December 8, 2020: the first SUNBURST attack is discovered.
• From December 8, 2020, until the present: 18,000 government agencies and Fortune 500 corporations are investigating and responding to the attacks.
In the days following December 8, 2020, security professionals hurried to search past data to see whether any of the indicators of compromise had crossed their network. Teams were, however, hampered by a lack of network visibility, with available data frequently going back only a few days. The lucky ones had a month’s worth of data, or at most 90 days. None of this allowed them to go back and analyse the SUNBURST attack, which was originally launched in February 2020, to learn more about the attackers’ particular behaviours in their network and the degree of danger they faced.
This makes us ask why, in an era of cloud computing and nearly infinite storage, vendors are failing to solve these issues for their clients.
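An added example (not part of the original article): a retrospective indicator sweep over a constructed DNS log, showing what the lookback periods discussed above would and would not reveal on December 8, 2020. The log entries, host names and the indicator `updates.example.invalid` are placeholders invented for illustration.

```python
from datetime import date, timedelta

CAMPAIGN_START = date(2020, 2, 20)   # SUNBURST launch date given in the article
DISCOVERED = date(2020, 12, 8)       # discovery date given in the article

# Constructed sample DNS log: (date, client host, queried name). Not real telemetry.
DNS_LOG = [
    (date(2020, 3, 4), "build-01", "updates.example.invalid"),
    (date(2020, 3, 4), "hr-17", "intranet.example.com"),
    (date(2020, 6, 19), "build-01", "updates.example.invalid"),
    (date(2020, 9, 30), "db-02", "updates.example.invalid"),
    (date(2020, 11, 25), "build-01", "Updates.Example.invalid."),
    (date(2020, 12, 1), "hr-17", "intranet.example.com"),
]
IOCS = {"updates.example.invalid"}   # placeholder indicator, not a real IoC


def retained(log, today, lookback_days):
    """Records a platform with this lookback would still hold on `today`."""
    cutoff = today - timedelta(days=lookback_days)
    return [rec for rec in log if cutoff <= rec[0] <= today]


def retro_hunt(log, iocs, today, lookback_days):
    """Sweep the retained records for the indicators; report first sightings per host."""
    first_seen = {}
    for day, host, name in sorted(retained(log, today, lookback_days)):
        # Normalise case and the trailing root dot before matching.
        if name.lower().rstrip(".") in iocs:
            first_seen.setdefault(host, day)
    return {
        "window_start": today - timedelta(days=lookback_days),
        "hosts": sorted(first_seen),
        "first_seen": first_seen,
        "earliest_hit": min(first_seen.values(), default=None),
    }


def blind_days(campaign_start, today, lookback_days):
    """Days of campaign activity that fall before the retention window."""
    window_start = today - timedelta(days=lookback_days)
    return max((window_start - campaign_start).days, 0)


if __name__ == "__main__":
    for days in (30, 90, 292):
        result = retro_hunt(DNS_LOG, IOCS, DISCOVERED, days)
        gap = blind_days(CAMPAIGN_START, DISCOVERED, days)
        print(days, result["hosts"], result["earliest_hit"], "blind days:", gap)
```

With a 30-day window the sweep finds one affected host and misses the second entirely; with 90 days it finds both hosts but still dates the first contact months too late.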
A scarcity of time
If you’ve ever been on a security team during an incident, you know how important it is to stay on schedule. Every second is crucial. This isn’t dramatisation; it’s a high-stress situation, and it is one of the causes of security analyst burnout.
Take, for example, today’s malware. From the moment an attacker’s presence in the network is discovered, it’s a race to mitigate their actions before you’re hit with expensive ransom payments, encrypted critical data that disrupts operations, double extortion for exfiltrated data, and relentless media coverage with everyone weighing in on what you should do and how you should act.
Security vendors, on the other hand, rarely focus on offering technologies that expedite investigations. They are fixated on the ability to “detect” and leave the rest to the security staff. Again, why? Although vendors have nearly infinite computational power, most do not provide this essential service. With existing NDR technologies, investigators are compelled to search for events one at a time. Why can’t they run searches in parallel? Why can’t several members of a team work together, sharing searches and results and collaborating? Furthermore, why don’t the solutions provide threat-specific playbooks that say “here’s the ‘thesis’ you should check”? Or, even worse, why do they recommend that you investigate with a separate product and redo most of the work there? The cloud compute capabilities exist, but vendors aren’t putting them to work for their customers.
Inability to concentrate
Do you recall how promising SaaS-based security technologies were? Move your security solutions to the cloud, the promise went, and you will never have to maintain them again, while enjoying all the benefits of cloud computing. Well, the promise seems to have fallen flat, doesn’t it?
True, you’re getting the newest updates for your SaaS security solutions in a timely manner, but, as we mentioned earlier, you’re not enjoying the benefits of cloud computing, such as limitless storage and computational capacity. Worse, many of the “technology breakthroughs” now require your personnel to do never-ending detection tuning and false-positive (FP) reduction work because of their use of machine learning. In other words, suppliers have passed the buck to your team in order to obtain high-fidelity results, frequently to their profit as well as yours!
Vendors must take the initiative and remove these annoyances. Some vendors are adopting the concept of “directed SaaS,” in which your team owns and operates the solution, but the vendor handles software upgrades, detection/false-positive tuning, system maintenance, and health checks so you can focus on “Job 1”: threat management. I commend this approach and hope that more vendors will follow suit and incorporate it in their offerings, rather than charging professional services fees for something they could have done themselves.
A lack of direction
We’ve determined that security teams face three major challenges: a lack of focus, data, and time. A lack of threat-specific information is the fourth impediment to quick reaction. To respond completely and confidently, incident responders must understand an adversary’s tactics, techniques, and procedures (TTPs) and intentions. Again, suppliers fail to assist their customers in this area, leaving security professionals to research the TTPs and the adversary’s purpose on their own in order to understand how to respond.
NDR suppliers have a treasure trove of information on threat actors’ TTPs and intentions, but they don’t share it with their clients. Vendors’ threat research collects a lot of actionable intelligence on how to respond effectively to any given threat, but they don’t have a way to share it.
Some suppliers provide additional knowledge, but the information supplied is nearly always about their product rather than how to respond to a specific situation. Why don’t NDR suppliers support their clients at their greatest time of need, sharing experience obtained from cross-deployment knowledge, crowdsourced data, and threat research? And not in a vendor-speak sense, but in the sense that one incident responder would assist another?
