EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud

Guest: Arie Zilberstein, CEO and Co-Founder at Gem Security Topics:  How does Cloud Detection and Response (CDR) differ from traditional, on-premises detection and response? What are the key challenges of cloud detection and response? Often we lift and shift our teams to Cloud, and not always for bad reasons, so  what’s your advice on how to teach the old dogs new tricks: “on-premise-trained” D&R teams and cloud D&R? What is this new CIRA thing that Gartner just cooked up?  Should CIRA exist as a separate market or technology or is this just a slice of CDR or even SIEM perhaps? What do you tell people who say that “SIEM is their CDR”? What are the key roles and responsibilities of the CDR team? How is the cloud D&R process related to DevOps and cloud-style IT processes?  Resources: Video version of this episode Cloud breaches databases EP98 How to Cloud IR or Why Attackers Become Cloud Native Faster? EP103 Security Incident Response and Public Cloud - Exploring with Mandiant EP76 Powering Secure SaaS … But Not with CASB? Cloud Detection and Response? 9 Megatrends drive cloud adoption—and improve security for all “Emerging Tech: Security — Cloud Investigation and Response Automation (CIRA) Offers Transformation Opportunities” (Gartner access required) “Does the World Need Cloud Detection and Response (CDR)?” blog