思科 XDR 扩展检测：整个企业的安全分析.pdf

1、#CiscoLive#CiscoLiveMatt RobertsonDistinguished EngineerBRKSEC-2178Security analytic across the enterpriseExtended Detection with Cisco XDR 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App 4Questions?Use Cisco Webex App to chat

2、with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12344https:/ 2023 Cisco and/o

3、r its affiliates.All rights reserved.Cisco PublicBRKSEC-2178#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicAgenda5BRKSEC-2178Cisco XDR:Understanding XDR AnalyticsAgenda:What is Cisco XDRArchitecture and Telemetry Extended Detection and ResponseSummary 2023 Cisco and/or i

4、ts affiliates.All rights reserved.Cisco Public#CiscoLiveAbout Me6BRKSEC-2178Matt RobertsonDistinguished Technical Marketing EngineerExtended Threat Detection and Security AnalyticsCisco Live Distinguished Speaker15 years at Cisco:Development,TME,LancopeCanadian ehWhat is Cisco XDR?2023 Cisco and/or

5、its affiliates.All rights reserved.Cisco Public#CiscoLiveA brand new solution to the Cisco PortfolioCisco XDR8BRKSEC-2178 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveWhat is Extended Detection and Response?9BRKSEC-2178Application of analytics to the collected and homog

6、enized data to arrive at a detection of maliciousnessResponse and remediation of that maliciousnessCollection of telemetry from multiple security tools 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDetection and Response and the SOCNGFW/IPS/IDS/WSAEncryption Too noisyNot