{"id":66381,"date":"2021-10-26T09:06:56","date_gmt":"2021-10-26T09:06:56","guid":{"rendered":"https:\/\/www.kriativ-tech.com\/?p=66381"},"modified":"2022-01-04T14:24:00","modified_gmt":"2022-01-04T14:24:00","slug":"extended-detection-and-response-importance-of-events-context","status":"publish","type":"post","link":"http:\/\/www.kriativ-tech.com\/?p=66381","title":{"rendered":"Extended Detection and Response Importance of Events Context"},"content":{"rendered":"

[vc_row][vc_column width=”1\/2″][vc_custom_heading heading_semantic=”p” text_font=”font-213936″ text_size=”h5″ text_height=”fontheight-843833″]Kriativ-tech Volume 1, Issue 9, April 2018, Pages: xxx Received: Dec. 28, 2019; Accepted: Feb. 25, 2020. Published: Oct. 11, 2021.[\/vc_custom_heading][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]Authors[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_size=”h5″ uncode_shortcode_id=”139170″]Pedro Ramos Brandao, Coordinator Professor at Instituto Superior de Tecnologias Avan\u00e7adas
\nJo\u00e3o Nunes, Master Degree Student at Instituto Superior de Tecnologias Avan\u00e7adas [\/vc_custom_heading][\/vc_column][vc_column width=”1\/2″][vc_custom_heading]Media[\/vc_custom_heading][vc_button button_color=”accent” border_animation=”btn-ripple-out” border_width=”0″ link=”url:http%3A%2F%2Fwww.kriativ-tech.com%2Fwp-content%2Fuploads%2F2021%2F10%2FExtendedDetectionResponse.pdf|target:_blank” button_color_type=”uncode-palette” uncode_shortcode_id=”490301″]PDF[\/vc_button][vc_custom_heading heading_semantic=”h4″ text_size=”h4″]To cite this article[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_size=”h6″ uncode_shortcode_id=”498713″]Pedro Ramos Brandao, Jo\u00e3o Nunes, Extended Detection and Response Importance of Events Context<\/strong><\/p>\n

DOI: 10.31112\/kriativ-tech-2021-10-58[\/vc_custom_heading][\/vc_column][\/vc_row][vc_row row_height_percent=”0″ overlay_alpha=”50″ gutter_size=”1″ column_width_percent=”100″ shift_y=”0″ z_index=”0″][vc_column column_width_percent=”100″ gutter_size=”0″ override_padding=”yes” column_padding=”1″ overlay_alpha=”50″ shift_x=”0″ shift_y=”0″ shift_y_down=”0″ z_index=”0″ medium_width=”0″ mobile_width=”0″ width=”1\/1″][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]Abstract[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_font=”font-213936″ text_size=”h5″ text_height=”fontheight-843833″ uncode_shortcode_id=”151038″]In an increasingly dynamic and unpredictable world regarding IT security, it’s essential to use adequate solutions that boost infrastructures protection, whether local, in the cloud, or hybrid. This article contextualizes the challenges of the new reality of remote work with traditional security solutions. Furthermore, it explains the importance of implementing a solution that has a holistic view of the infrastructure and correlates all suspicious or attack events. Thus, it enhances an improved and updated security to the current reality.<\/em>[\/vc_custom_heading][vc_empty_space empty_h=”2″][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]Keywords[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_size=”h5″ uncode_shortcode_id=”140074″]XDR, EDR, SIEM, Correlation, Context, Cybersecurity[\/vc_custom_heading][\/vc_column][\/vc_row][vc_row][vc_column column_width_percent=”100″ gutter_size=”0″ overlay_alpha=”50″ shift_x=”0″ shift_y=”0″ shift_y_down=”0″ z_index=”0″ medium_width=”0″ mobile_width=”0″ width=”1\/1″][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]References[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_font=”font-213936″ text_size=”h5″ text_height=”fontheight-843833″ uncode_shortcode_id=”283090″][1]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Kaspersky, “How COVID-19 changed the way people work,” 2020.<\/p>\n

[2]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 W. U. Hassan, A. Bates, and D. Marino, “Tactical provenance analysis for endpoint detection and response systems,” Proc. – IEEE Symp. Secur. Priv.<\/em>, vol. 2020-May, pp. 1172\u20131189, 2020, doi: 10.1109\/SP40000.2020.00096.<\/p>\n

[3]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 G. Karantzas and C. Patsakis, “An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors,” pp. 387\u2013421, 2021, doi: 10.3390\/jcp1030021.<\/p>\n

[4]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 S. Slate, “Endpoint Security: An Overview and a Look into the Future,” Lat. Am. Polit. Hist.<\/em>, 2018, doi: 10.4324\/9780429499340-15.<\/p>\n

[5]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 G. Gonz\u00e1lez-granadillo, S. Gonz\u00e1lez-zarzosa, and R. Diaz, \u201cTrends, and Usage in Critical Infrastructures,\u201d 2021.<\/p>\n

[6]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 M. Chopra and C. Mahapatra, “Significance of security information and event management (SIEM) in modern organizations,” Int. J. Innov. Technol. Explor. Eng.<\/em>, vol. 8, no. 7, pp. 432\u2013435, 2019.<\/p>\n

[7]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 M. Vielberth and G. Pernul, “A Security Information and Event Management Pattern,” Fed. Minist. Educ. Res.<\/em>, vol. 1, no. November 2018, pp. 1\u201312, 2018.<\/p>\n

[8]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 H. Jauhiainen, “Designing End User Area Cybersecurity for Cloud-based Organization,” no. February 2021.<\/p>\n

[9]\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 A. Chuvakin, “Gartner Blog Network,” 2013. https:\/\/blogs.gartner.com\/anton-chuvakin\/2013\/07\/26\/named-endpoint-threat-detection-response\/ (accessed July 2021).<\/p>\n

[10]\u00a0\u00a0\u00a0\u00a0 Mcafee, “What is Endpoint Detection and Response (EDR)? ” 2021.<\/p>\n

[11]\u00a0\u00a0\u00a0\u00a0 “Endpoint Detection and Response – Global Market Outlook (2017-2026),” Stratistics Market Research Consulting<\/em>, 2018. https:\/\/www.marketresearch.com\/Stratistics-Market-Research-Consulting-v4058\/Endpoint-Detection-Response-Global-Outlook-12066121\/ (accessed July 2021).<\/p>\n

[12]\u00a0\u00a0\u00a0\u00a0 L. Neely and A. Torres, “Endpoint Protection and Response: A SANS Survey,” SANS Inst.<\/em>, no. June, p. 16, 2018.<\/p>\n

[13]\u00a0\u00a0\u00a0\u00a0 J. Petters, “What is SIEM? A Complete Beginner’s Guide – Varonis,” 2020. https:\/\/www.varonis.com\/blog\/what-is-siem\/ (accessed July 2021).<\/p>\n

[14]\u00a0\u00a0\u00a0\u00a0 Cisco, \u201cWhat is XDR? – Extended Detection and Response – Cisco,\u201d 2021. https:\/\/www.cisco.com\/c\/en\/us\/products\/security\/what-is-xdr.html (accessed July 2021).<\/p>\n

[15]\u00a0\u00a0\u00a0\u00a0 Mcafee, “What Is XDR? Extended Detection and Response l McAfee,” 2021. https:\/\/www.mcafee.com\/enterprise\/en-us\/security-awareness\/endpoint\/what-is-xdr.html (accessed July 2021).<\/p>\n

[16]\u00a0\u00a0\u00a0\u00a0 “Endpoint Detection and Response (EDR): o caso do contexto | Security Report,” 2019. https:\/\/www.securityreport.com.br\/overview\/endpoint-detection-and-response-edr-o-caso-do-contexto\/#.YPc5kRNKj0p (accessed July 2021).[\/vc_custom_heading][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":"

Pedro Ramos Brandao, Coordinator Professor at Instituto Superior de Tecnologias Avan\u00e7adas
\nJo\u00e3o Nunes, Master Degree Student at Instituto Superior de Tecnologias Avan\u00e7adas
\nDOI: 10.31112\/kriativ-tech-2021-10-58<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[70],"tags":[],"_links":{"self":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts\/66381"}],"collection":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=66381"}],"version-history":[{"count":4,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts\/66381\/revisions"}],"predecessor-version":[{"id":66432,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts\/66381\/revisions\/66432"}],"wp:attachment":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=66381"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=66381"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=66381"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}