TEL-AVIV, Israel and BOSTON, July 15, 2022 /PRNewswire/ -- CardinalOps, the AI-powered detection engineering company, is sponsoring a live SANS webinar with the goal of helping security operations professionals decipher the alphabet soup around SIEM, EDR, XDR, and MDR.

Large and mature security organizations have invested years of time and effort into their SIEM deployments – often described as the "operating system of the Security Operations Center (SOC)" – as well as their EDR deployments. Many are now faced with questions about the benefits and risks of adopting new approaches versus optimizing the effectiveness of their existing security stacks.

To hear what the experts are saying, join Dr. Anton Chuvakin, Security Advisor at the Office of the CISO, Google Cloud, and Randy Watkins, CTO at Critical Start, as they discuss (and debate) questions such as:

If I have a SIEM and EDR, do I need XDR?

Is XDR a better EDR or a new SIEM?

Does XDR include response? Where does SOAR fit in?

Is XDR a hunting platform or a detection platform?

Is MDR about managed services related to EDR? What about Managed XDR?

Does XDR take less headcount to manage and operate than standalone EDR and SIEM?

Should I map my MITRE ATT&CK coverage across SIEM, EDR, XDR? How?

WHAT: SANS webinar featuring Anton Chuvakin and Randy Watkins

WHEN: Tuesday, July 19 at 3:30pm ET

REGISTER: SANS website (you must create a free account to register – register even if you can't attend and SANS will send you a link to the recording after the event)

About Dr. Anton Chuvakin

Dr. Anton Chuvakin is Security Advisor at the Office of the CISO, Google Cloud, where he arrived via the Chronicle Security (an Alphabet company) acquisition in July 2019. Until June 2019, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. At Gartner he covered a broad range of security operations and detection and response topics and is credited with inventing the term "EDR." He also worked for some of the earliest log management companies in the early 2000s.

About Randy Watkins

Randy Watkins is the CTO for CRITICALSTART, where he's responsible for designing and executing the company's strategic technology initiatives, which includes defining the strategy and direction of CRITICALSTART's MDR services delivered by the Zero-Trust Analytics Platform (ZTAP). Previously, Randy served as CRITICALSTART's Director of Security Architecture, where he set the strategy for emerging vendor technologies, created the Defendable Network reference architecture, and set product direction for the company's internally-developed Security Orchestration Automation and Response platform. Watkins was employee number five when he joined CRITICALSTART in 2012.

About CardinalOps

Most security vendors pitch you on replacing your stack or adding new monitoring tools to it. But CardinalOps has a more practical and pragmatic approach. Our SaaS platform delivers AI-powered recommendations to continuously eliminate MITRE ATT&CK coverage gaps in your existing stack (Splunk, Sentinel, QRadar, CrowdStrike, CarbonBlack, etc.). It continuously audits your instance to identify and remediate broken, noisy, or missing detections while delivering new high-fidelity detections for the adversary techniques most relevant to your business priorities and infrastructure. Learn more at cardinalops.com.

