Thousands of cybersecurity professionals and MSSP leaders have convened at this week's Black Hat USA 2022 conference in Las Vegas. The common theme for most on-site MSSPs and MSPs: How can service providers further automate their managed security services to boost customer defenses, lighten security analyst workloads and close associated talent gaps?
With those goals in mind, here's a look at the latest MDR, XDR and related automation developments from the conference...
5. Partnership – Data Security: A coalition of cybersecurity and technology organizations announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema Framework (OCSF) project was conceived and initiated by AWS and Splunk, and includes contributions from Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro and Zscaler. All members of the cybersecurity community are invited to utilize and contribute to the OCSF.
4. Threat Detection and Response: Lacework has announced new capabilities that uncover more critical infrastructure threats while empowering teams to collaborate more efficiently in alert investigation and response, the company asserts.
3. AI Innovation: CrowdStrike has introduced AI-powered Indicators of Attack (IoAs), as well as new fileless attack prevention and visibility capabilities for stealthy cloud intrusions. The capabilities are available on the CrowdStrike Falcon platform and powered by the CrowdStrike Security Cloud.
2. XDR (eXtended Detection and Response):
- Anomali has released a quarterly platform update with additional threat intelligence and extended detection and response (XDR) capabilities.
- NetWitness in late August 2022 plans to launch NetWitness Platform XDR 12. The update features "enhanced analytics capabilities that can find known and unknown threats even faster, to reduce dwell time and allow response and remediation before adversaries can successfully execute a harmful attack," the company said.
- SentinelOne has unveiled XDR Ingest, which provides customers with a "limitless data platform to ingest, retain, correlate, search and action all enterprise security data, real-time and historical, from any source," the company asserted.
1. More Black Hat News: Have news to share from the conference? Email me the details and we’ll consider mentioning them to our readers.
Blog originally posted August 10, 2022. Updated regularly thereafter.