CardinalOps, the AI-powered detection engineering company, is sponsoring a live SANS webinar with the goal of helping security operations professionals decipher the alphabet soup around SIEM, EDR, XDR, and MDR.
Large and mature security organizations have invested years of time and effort into their SIEM deployments – often described as the “operating system of the Security Operations Center (SOC)” – as well as their EDR deployments. Many are now faced with questions about the benefits and risks of adopting new approaches versus optimizing the effectiveness of their existing security stacks.
To hear what the experts are saying, join Dr. Anton Chuvakin, Security Advisor at the Office of the CISO, Google Cloud, and Randy Watkins, CTO at Critical Start, as they discuss (and debate) questions such as:
If I have a SIEM and EDR, do I need XDR?
Is XDR a better EDR or a new SIEM?
Does XDR include response? Where does SOAR fit in?
Is XDR a hunting platform or a detection platform?
Is MDR about managed services related to EDR? What about Managed XDR?
Does XDR take less headcount to manage and operate than standalone EDR and SIEM?
Should I map my MITRE ATT&CK coverage across SIEM, EDR, XDR? How?
WHAT: SANS webinar featuring Anton Chuvakin and Randy Watkins
WHEN: Tuesday, July 19 at 3:30pm ET
REGISTER: SANS website (you must create a free account to register – register even if you can’t attend and SANS will send you a link to the recording after the event)
Also Read: Google, The ODP Corporation and Truist Lead Roster of New Sponsors of SCORE Foundation
About Dr. Anton Chuvakin
Dr. Anton Chuvakin is Security Advisor at the Office of the CISO, Google Cloud,, where he arrived via the Chronicle Security (an Alphabet company) acquisition in July 2019. Until June 2019, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. At Gartner he covered a broad range of security operations and detection and response topics and is credited with inventing the term “EDR.” He also worked for some of the earliest log management companies in the early 2000s.
Randy Watkins is the CTO for CRITICALSTART, where he’s responsible for designing and executing the company’s strategic technology initiatives, which includes defining the strategy and direction of CRITICALSTART’s MDR services delivered by the Zero-Trust Analytics Platform (ZTAP). Previously, Randy served as CRITICALSTART’s Director of Security Architecture, where he set the strategy for emerging vendor technologies, created the Defendable Network reference architecture, and set product direction for the company’s internally-developed Security Orchestration Automation and Response platform. Watkins was employee number five when he joined CRITICALSTART in 2012.
Most security vendors pitch you on replacing your stack or adding new monitoring tools to it. But CardinalOps has a more practical and pragmatic approach. Our SaaS platform delivers AI-powered recommendations to continuously eliminate MITRE ATT&CK coverage gaps in your existing stack (Splunk, Sentinel, QRadar, CrowdStrike, CarbonBlack, security etc.). It continuously audits your instance to identify and remediate broken,