#191
September 23, 2024

EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it!

Guest:

Topics:

SIEM and SOC, Threat Intelligence
29:29

Topics covered:

  • What is the Defender’s Advantage and why did Mandiant decide to put this out there?
  • This is the second edition. What is different about DA-II?
  • Why do so few defenders actually realize their Defender’s Advantage? 
  • The book talks about the importance of being "intelligence-led" in cyber defense. Can you elaborate on what this means and how organizations can practically implement this approach?
  • Detection engineering is presented as a continuous cycle of adaptation. How can organizations ensure their detection capabilities remain effective and avoid fatigue in their SOC?
  • Many organizations don’t seem to want to make detections at all. What do we tell them?
  • What is this thing called “Mission Control”? It sounds really cool. Can you explain it?
