An Honest Conversation About "Response" - Juan Canales, Matt Cauthorn - BSW #179

published 1 month ago by Security Weekly

It's time to come out and say it: "response" means something different to every category in cybersecurity. Yet, it's broadly used with little industry definition. In endpoint detection and response (EDR) systems, "response" refers to a prescriptive set of actions that can be taken with little to no human intervention. For example, if suspicious activity occurs on a device, that device can be automatically quarantined by the EDR tool. In network detection and response, "response" is more broad. The network is too vast and interconnected for blunt responses and therefore requires more surgical precision and investigation.   To request a demo with ExtraHop, visit: Visit for all the latest episodes! Show Notes:

more episodes from Paul's Security Weekly TV