National Cyber Warfare Foundation (NCWF)

“Out-of-the-Box” Detection Coverage: A Critical Metric for Endpoint Security


2024-12-31 22:46:23
milo
Blue Team (CND)





Back in the summer I wrote a blog around capability versus usability, in which I highlighted that typically industry testing focuses on capability, despite one of the key challenges in the industry being skills. EDR, by its nature, is a technical capability, and as such the skills gap in this space is even greater. I will always remember a good friend sharing in his keynote, a number of years ago, that there is little point in buying a best-of-breed solution if you don’t have the people power to actually use it.


In our recent SoC optimization research, we saw that on average only 50-80% of alerts are processed the same day, false positives being a significant challenge and distraction for SoC analysts.


The post “Out-of-the-Box” Detection Coverage: A Critical Metric for Endpoint Security appeared first on Security Boulevard.



Greg Day

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/12/out-of-the-box-detection-coverage-a-critical-metric-for-endpoint-security/

