What is Managed Detection and Response and how does it work?
The likelihood of a cyber-attack that bypasses all of your security controls is high and often not detected until it's already over. To solve this problem service providers have created a radically new model of cyber security services called Managed Detection and Response or MDR. The focus of MDR is to detect the attack early in its lifecycle and respond by containing it so it cannot complete. How it is done will be the focus of this talk. Topics covered include:
- Technology components needed to support threat hunting and response teams
- Operational requirements to deliver 24x7 MDR
- Where Machine Learning and AI can augment human threat hunters
- Case study of where the MDR approach detected and contained a Nation State attack
- What does the next generation MDR look like?