EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it!
- 2024/09/23
- Duration: 24 min
- Podcast

Summary
Synopsis and commentary
Guest:
- Dan Nutting, Manager - Cyber Defense, Google Cloud
Topics:
- What is the Defender’s Advantage and why did Mandiant decide to put this out there?
- This is the second edition. What is different about DA-II?
- Why do so few defenders actually realize their Defender’s Advantage?
- The book talks about the importance of being "intelligence-led" in cyber defense. Can you elaborate on what this means and how organizations can practically implement this approach?
- Detection engineering is presented as a continuous cycle of adaptation. How can organizations ensure their detection capabilities remain effective and avoid fatigue in their SOC?
- Many organizations don’t seem to want to make detections at all, what do we tell them?
- What is this thing called “Mission Control” - it sounds really cool, can you explain it?
Resources:
- Defender’s Advantage book
- The Defender's Advantage: Using Artificial Intelligence in Cyber Defense supplemental paper
- “Threat-informed Defense Is Hard, So We Are Still Not Doing It!” blog
- Mandiant blog