SIEM, EDR, XDR, MDR & SOAR | Cybersecurity Tools and Services | Threat Monitoring

Cyber Gray Matter

Hey everyone! Today's video is going to be on various cybersecurity tools, including SIEM, EDR (endpoint detection and response), XDR (extended detection and response), MDR (managed detection and response), and SOAR (security orchestration, automation, and response). These are tools that an organization may choose to use to defend their network. As a SOC analyst, your job may be to monitor the SIEM and respond to alerts coming from your EDR solution. You might also use a SOAR solution where you create workflows and specialize in the automation side of cybersecurity. Having a fundamental understanding of these five tools will help you be prepared not only for the Security+ but also prospective interviews. As always, thank you so much for watching, and I hope you find this video beneficial!
Links: www.crowdstrike.com/cybersecu...
www.crowdstrike.com/cybersecu...
www.sentinelone.com/blog/unde...
First track: Over The Ocean by | e s c p | escp-music.bandcamp.com
Music promoted by www.free-stock-music.com
Attribution 4.0 International (CC BY 4.0)
creativecommons.org/licenses/...
Second track: Lazy Aftermoon by | e s c p | escp-music.bandcamp.com
Music promoted by www.free-stock-music.com
Attribution 4.0 International (CC BY 4.0)
creativecommons.org/licenses/...

Category: Science

Published: 17 Apr 2022

Comments: 52
@NK-iw6rq, 1 year ago
One of the best videos I've seen explaining all of this!

@sunderdase3511, 1 year ago
Nicely explained, thank you!

@garrisonsimon, 1 year ago
Thanks for this great video! I learned a lot!

@rv1915, 1 year ago
Great video for eager learners

@manojmahajan30, 8 months ago
Clear and crisp information, I was looking for something like this for a long time, thank you so much for sharing.. Already subscribed to your content.. 🙂

@DunOpondo, 1 year ago
Awesome video. 👍🏿

@bluejay8972, 1 year ago
This is well-explained and adheres to industry standard. Great job.

@cybergraymatter, 1 year ago
Thank you so much! I hope you stick around and check out my upcoming videos :)

@951niels, 1 year ago
great vid

@NostalgistGuy, 9 months ago
Thank you.

@KeithChungMusic, 1 year ago
well explained

@AboodSpiN, 7 months ago
Amazing video, thank you so much!

@cybergraymatter, 7 months ago
You're so welcome!

@brooklynzoo81, 2 years ago
Great content, thanks! Subscribed.

@cybergraymatter, 2 years ago
Wow, thank you! :)

@gkcamden9050, 1 year ago
Nice overview of these tools. Concise and to the point! Thank you. Subscribed with the bell turned on!

@cybergraymatter, 1 year ago
Thank you so much! It really means a lot! :)

@syh7522, 2 years ago
great content.. perfect job 👍👍

@cybergraymatter, 2 years ago
Thank you so much for watching and leaving a comment!

@Seansaighdeoir, 25 days ago
Very interesting and informative, thanks for sharing. Found the music somewhat distracting - good info doesn't need accompaniment.
@arsalananwar3397, 1 year ago
nice info

@DavidCorlette, 3 months ago
This video is good, but next-gen AV has leveraged behavioral detection for zero-days for a long time - well before EDRs came on the scene. The real distinction between an NGAV and an EDR is that NGAV tries to take a black-and-white approach - it is or is not malicious. If a threat is classified as malicious (by actual signature-type detection or by hitting some statistical threshold in behavioral detection) the threat will be blocked and quarantined. The difference with EDR is in the name - EDR will also notify (Detect) about "grey area" potential threats that can't be confidently classified as malicious, and provide the telemetry (events) needed so that a human can investigate and make a decision. EDRs also provide post-attack remediation (Response) tools such as device isolation, remote shells, etc. Good EDR solutions include comprehensive NGAV so that you don't waste a lot of time chasing potential threats that could easily have been blocked by an NGAV.

@alexanderyelich817, 2 years ago
Thanks!

@cybergraymatter, 2 years ago
I appreciate it!

@paragbarot2638, 3 months ago
I hope in the next videos you will lower the background music. By the way, this video is very informative.

@sametsahin-eh3qj, 1 month ago
cool video, next time you should put out the music

@yuvrajsingh-un7xo, 10 months ago
Awesome explanation, ma'am. Have you any idea of next-gen firewalls?

@CrazyFanaticMan, 2 years ago
How would I classify a MITRE ATT&CK attack as XDR, MDR or EDR?

@cybergraymatter, 2 years ago
Thanks for your comment! I wouldn't classify an attack by the way it was detected. I hope this makes sense.

@ahmedyousufibrahim980, 1 year ago
Great, I give you a subscribe ❤

@shia4363, 1 year ago
Great video! Can you suggest EDR and XDR solutions?

@swathiguru, 11 months ago
Kudelski Security

@peteallennh, 1 year ago
Great content! Lose the muzak 🙂

@cybergraymatter, 1 year ago
Thanks for the comment! I am getting 50/50 on the music and have lowered it for more recent videos. It really helps with any background blips to have at least something.

@rdstill, 1 year ago
The background music was really distracting

@cybergraymatter, 1 year ago
Thanks for your reply! The levels were still a work in progress and vary depending on what device one is listening on. I have toned it down on newer videos.

@smileybuddy_, 1 year ago
Where are you from? Country?

@cybergraymatter, 1 year ago
USA

@AE-nt3jj, 1 year ago
You also sound impatient with such speed of speech

@cybergraymatter, 1 year ago
Thanks for your input! I'm a naturally fast speaker and try to slow things down as it is. You're welcome to use the speed adjustment if you're having difficulty understanding.
@19ceda92, 1 year ago
would be a great video without that loud music in the background..

@cybergraymatter, 1 year ago
Thanks for leaving a comment! I have been working on an acceptable level for music. It's been a work in progress.

@indosyncrasies, 10 months ago
why the music???? It just takes away from the otherwise good content you have created.

@cybergraymatter, 10 months ago
I thought it would add some excitement. I am considering reuploading without the music.

@GrowthMindset9, 1 year ago
Remove the background music, the content is good.

@cybergraymatter, 1 year ago
Thanks for the comment! I have it to help with audio blips but have turned it down in more recent videos.

@ctjmaughs, 1 year ago
Amazed how wrong this video is. Alerts

@cybergraymatter, 1 year ago
Thanks for your comment! I am happy to make any notations in the video if you've spotted an error. For the mention of alerts, events and incidents: Security events are continuously happening, as any change could be a regular, everyday occurrence within the network. This means they aren't necessarily malicious. Alerts are still events, but they indicate a change that warrants investigating. Finally, incidents can still be a singular event or alert, or a series of those. They may require a lengthy investigation with a report and can even be a breach at higher levels.

@ctjmaughs, 1 year ago
@cybergraymatter It seems you are going with the Mandiant methodology of alerts, events and incidents. I definitely don't agree with it, but I do understand. I go with: alerts are more like logs, and multiple alerts can be part of an event. Incidents can comprise multiple events and tend to be higher fidelity.

@cybergraymatter, 1 year ago
@ctjmaughs I've seen multiple ways things are classified within various organizations and industries for different reasons. Some places call an incident of any severity an incident, while others call them incident A or incident B, etc. I wouldn't say either is wrong; it is dependent upon the place. Though, if it were me who was tasked with designing a program from the ground up, I would use the definitions shown in this video. In the link below, Daniel Miessler also mentions your variation of events and alerts and states that there are differences based on industry. danielmiessler.com/study/event-alert-incident/

@AE-nt3jj, 1 year ago
You speak fast and sound like a robot. You did it on purpose

@ryanknight6360, 8 months ago
What a weird response lol. Slow the speed of the video down if you're slow