In this article, I’m looking at the key differences between endpoint detection and response (EDR) and the related extended and managed options, XDR and MDR. Here’s the short version: Now let’s dig in to get a bit more context on this cybersecurity fundamental.

In 2022, there were 1802 recorded security breaches, impacting a massive 422 million people—a 41% rise from the prior year. In response to the rapid increase in security breaches, organizations must prioritize strengthening their protection against cyber threats. With hackers becoming increasingly skilled, businesses should understand various security breach types — and real-world examples — to avoid risks.

Over twenty years ago, a series of corporate financial scandals set off a chain reaction, culminating in criminal convictions and new legislation. After uncovering accounting fraud across public companies like Enron, WorldCom, and Tyco, the US Congress enacted the Sarbanes-Oxley Act of 2002 (SOX).

Organizations can often struggle to bridge the gap between offensive and defensive security strategies. The lack of collaboration and communication between red and blue teams can hinder their ability to effectively identify and mitigate security risks. To solve this disconnect, organizations are opting to utilize a combined approach in cybersecurity strategy — a system colloquially known as “purple teaming”.

Vendors have long used bills of materials to detail the pieces that make up their supply chain products. Software bill of materials (SBOM) is a similar but traditionally less critical development in IT. However, that is quickly changing: companies are concerned about the security of their purchases, especially as applications become more expensive and sophisticated.

Oh no! You’ve been hacked, and you have experts onsite to identify the terrible things done to your organization. It doesn’t take long before the beardy dude or cyber lady says, “Yeah...they used DNS to control compromised hosts and then exfiltrated your data.” As you reflect on this event, you think, “Did I even have a chance against that kind of attack?” Yes, you did because Splunk can be used to detect and respond to DNS exfiltration.

Authentication and authorization are two key processes that ensure only trustworthy and verified users can gain access to authorized system resources and data. They enable your organization’s information security — your ability to protect sensitive information against unauthorized access. Although these two processes are used interchangeably, they have several fundamental differences.

At one time, the internet was seen as a place where users could remain anonymous: they could scroll from the privacy of their screen. Today, we know that’s no longer the case. In an attempt to sell more products, and create a personalized digital experience, tech firms, companies and advertisers track and analyze each user across the digital landscape. Privacy is still important to users: 90% of individuals in a recent global survey said online privacy was important to them.