Smarter Security Series: Driving Context around Endpoints to Automate Detection and Response

Devin Somppi, VP of Cybersecurity at the Decisive Group, delves into XDR, or Extended Detection and Response, one of today’s biggest trends in cybersecurity. He emphasizes that there’s not a universal definition of XDR, highlighting it as a concept open to individual interpretation. For Devin, XDR signifies rich telemetry data that stems from endpoints, goes through correlation, and then leads to decision-making through automation or manual efforts for swift, efficient remediation.

He underlines the absence of threat intelligence in the usual discussions on XDR and highlights the importance of considering different ‘lenses’ when analyzing cybersecurity, such as the endpoint lens, network lens, application lens, or perimeter lens. Devin advocates for automation as a means to efficiently pull relevant data.

Endpoint technologies have gained traction recently, with giants like Microsoft, Elastic, and IBM investing heavily. Devin jokes about the firewall being dead and alive at the same time due to the evolving visibility requirements in cybersecurity. According to him, the inability to spot blind spots is an existential conundrum that keeps practitioners up at night.

Ultimately, Devin paints XDR as a vital tool in gaining comprehensive visibility across all avenues, which is of utmost importance in a constantly morphing cybersecurity landscape. He underscores the need to stay vigilant and be able to respond swiftly to new threats as they become visible on the horizon.

Join Devin and Lara on their exploration of cybersecurity trends, broaden your understanding, and take your steps towards a safer digital environment!