EDR, MDR & XDR Explained
ฝัง
- เผยแพร่เมื่อ 8 พ.ค. 2024
- Traditional antivirus is no longer sufficient to protect you. Everyone running a business should upgrade to EDR, MDR, or XDR immediately; but what is the difference between them, and how do SIEM and SOAR fit into the picture? Time to unravel the acronyms!
📄 Acronym cheat sheet:
EDR: Endpoint Detection and Response
MDR: Managed Detection and Response
XDR: eXtended Detection and Response
MXDR: Managed eXtended Detection and Response
SIEM: Security Information and Event Management
SOAR: Security Orchestration, Automation, and Response
SOC: Security Operations Centre
MSP: Managed Services Provider
MSSP: Managed Security Services Provider
💬 Follow Me
/ andrewmrquinn
Video timestamps:
0:00 - EDR
3:11 - MDR
4:41 - XDR
5:33 - Comparison with SIEM + SOAR
9:20 - Summary
#EDR #MDR #XDR #SIEM #SOAR #CyberSecurity #SOC #MSSP - วิทยาศาสตร์และเทคโนโลยี
one of the best explanation so far on TH-cam
Thanks 🙂
Yes and I am catching it at the perfect time. Many thanks @ProTechShow
Very nice breakdown, i appreciate your effort on presenting these concepts on a simplified manner for us to understand!
Thanks!
Oh man, thank you so much to make this!
You're welcome. Glad it's of use!
....and now my 8 page research paper due today makes sense.....thank you!
You're welcome
Amazing breakdown. Thank you!
Thanks. Glad it's useful!
Love your explanation. You made it simple
Thanks! Glad it's useful.
excellent high level explanation of these technologies.
Thanks!
A+ content mate. All I can say is thank you.
Thanks 🙂
thanks man just starting to learn are XDR tool trend micro one
Many thanks indeed for a great tutorial! I just have a question about the restoring the system image created using the built-in Windows backup tool **to a brand new SSD**. Here's my scenario:
~ I have one NVMe SSD slot, with my OS C: drive on it.
~ In Windows I make an system image of the above, using the Windows backup tool;
~ I also make a Windows DVD bootable DVD (ie. with the recovery tools).
~ I turn off & unplug the PC and remove the old NVMe drive.
~ I insert a brand new and bigger NVMe drive in the slot where the old one used to be.
~ I boot the machine using the DVD-ROM Windows bootable recovery tools disk.
Question: How do I get the image onto the brand new unformatted NVMe drive, and assign it as the "C" drive?
Most grateful for your advice!
Underrated video! Thanks 🙏
Thanks for watching!
Thank you for video 😊
You're welcome 🙂
Edr End Point Response, Adr data breach, for future & Rdr are all separate packages of…?
Thanks for video. Many thanks for valuable advice. Something on OpenHAB maybe? I'm looking for something to switch from HA which is going strange way. Any new updates?
OpenHAB 4 is expected to land in a couple of weeks. 2 and 3 were quite significant updates, so it'll be interesting to see what 4 brings to the table.
How does EDR defend against Zero Day Exploits given its primary focus on detecting suspicious patterns from historical occurrences?
Let's say you have an internet-facing web app with a zero-day vulnerability. It gets exploited to drop a web shell onto the server. The vulnerability was previously unknown, and the web shell doesn't match any known malware patterns.
EDR/antivirus may not initially detect the exploit or the web shell as malicious, but EDR will see the file creation/modification by the web server process, followed by it attempting to spawn child processes or execute commands that are not typical behaviour of a web server. It doesn't require knowledge of the vulnerability itself to detect suspicious behaviour resulting from its exploitation and take action - raising an alert, removing the file, isolating the system, etc.
Not acronyms. They are initialisms. :-) Great info. Thanks.
You are... correct. They are initialisms.
Sorry, my dad was an English teacher. :-). I'm not that pedantic in real life.
We use only XDR and EDR to operate our incident in the network ..
mDR eDR & xDr , what is the diff?
i think toyota have better CooL cars