User Activity
6 months ago
Answered a question: Why is EDR (Endpoint Detection and Response) important for companies?
Endpoint Detection and Response (EDR) is vital for companies due to its ability to detect advanced threats, provide deep visibility into endpoint activities, enable rapid incident response, facilitate forensic analysis, ensure compliance, and protect remote workforces. EDR…
About 2 years ago
Contributed a review of Tenable Nessus: Helps to discover and patch vulnerabilities proactively
About 3 years ago
Contributed a review of NetWitness NDR: Overall great feature functionality, simple installation, and helpful technical support
Over 4 years ago
Answered a question: How does EternalBlue work?
EternalBlue, officially named MS17-010 by Microsoft, is a vulnerability that affects outdated versions of Microsoft Server Message Block (SMB). The quickest mechanism to protect against EternalBlue is through system PATCHING, i.e. download the latest version of…
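As an added example (not part of the original answer above), a quick single-host check for the two things the patching advice turns on: whether SMBv1, the protocol EternalBlue targets, is still enabled, and whether one of the original MS17-010 security updates is present. It assumes an elevated PowerShell session on Windows 8/Server 2012 or later (for Get-SmbServerConfiguration); the KB list is the set of March 2017 MS17-010 updates the author of this example is aware of, and later cumulative updates supersede them without listing these IDs, so an empty match is a prompt to verify patch level, not proof the host is vulnerable.

```powershell
# Added example, not from the original answer: MS17-010 / EternalBlue exposure check on one host.
# Assumptions: elevated session; SmbShare module available (Windows 8 / Server 2012 and later).
# KB list = original March 2017 MS17-010 updates known to the author of this example; later
# cumulative updates supersede them without carrying these IDs (see warning logic below).

$ms17010Kbs = @('KB4012212','KB4012213','KB4012214','KB4012215','KB4012216','KB4012217',
                'KB4012598','KB4012606','KB4013198','KB4013429')

# 1. Is SMBv1 enabled on the server side? (EternalBlue is an SMBv1 exploit.)
$smb1Enabled = (Get-SmbServerConfiguration).EnableSMB1Protocol

# 2. Is one of the original MS17-010 updates installed?
$installed = Get-HotFix | Where-Object { $ms17010Kbs -contains $_.HotFixID }

# 3. Summarise the findings for this host.
[PSCustomObject]@{
    ComputerName    = $env:COMPUTERNAME
    OSVersion       = [System.Environment]::OSVersion.Version.ToString()
    SMB1Enabled     = $smb1Enabled
    MS17010KBsFound = ($installed.HotFixID -join ',')
} | Format-List

if ($smb1Enabled) {
    Write-Warning "SMBv1 is enabled; disable it unless a legacy dependency requires it:"
    Write-Warning "  Set-SmbServerConfiguration -EnableSMB1Protocol `$false -Force"
}
if (-not $installed) {
    Write-Warning "No original MS17-010 KB found. Confirm the host has a later cumulative update (Windows Update / WSUS) before treating it as unpatched."
}
```

Disabling SMBv1 closes the attack surface even where the patch state is uncertain, which is why the check reports both conditions rather than relying on the KB lookup alone.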
Over 4 years ago
Contributed a review of NetWitness NDR: Good performance and reporting, and can discover unknown malware using signatureless detection methods
Over 4 years ago
Answered a question: What measures should a business have in place to enable an effective incident response for data breaches?
Incident Response Plan or Workflow
Incident Classification and Prioritisation book
The right People Process and Technology
The Playbook
Efficient SOC strategy
Over 4 years ago
Answered a question: I would like to compare CrowdStrike and Carbon Black. On what basis should I decide?
CrowdStrike provides both a streaming and query REST API for accessing many of the features available through the Falcon Platform's UI. Carbon Black also provides a well-documented REST API for building custom integrations with the platform.
Technical comparison can be found…
Almost 5 years ago
Answered a question: What is the biggest difference between EPP and EDR products?
EPP (Endpoint Protection Platform) covers traditional anti-malware scanning. EPP is typically designed to reactively detect and block threats at device level e.g. antivirus, anti-malware, data encryption, personal firewalls, intrusion prevention (IPS) and data loss…
Over 5 years ago
Contributed a review of NetWitness NDR: Enables us to detect any malware and analyze it before it can impact and do harm to our business
Over 5 years ago
Contributed a review of IBM Security QRadar: Enables our clients to detect threats and vulnerabilities in real time
Over 6 years ago
Answered a question: Which would you recommend to your boss, IBM QRadar or Splunk?
I would choose QRadar (Security Intelligence Platforms).
Whilst Splunk is highly rated by Gartner, we do not see it as a commercial threat. The IBM support team summarised Splunk as being a very good collection tool with very poor analytics. Plugins are available for Splunk…
Over 7 years ago
Thanks I agree.
About me
BEng (Hons), MEng, PhD, CISMP, CEH, CNDA, MIEEE, MIET, Member of Gartner. Member of ITCentral
Dr Trust Mapoka is a top-performing Chief Cyber Security Specialist who applies a proactive and pragmatic approach to address cyber security initiatives at various government, para-governmental and private organisations globally. As a Subject Expert Advisor, he has applied himself in multiple fields of cyber security projects that involve Governance, Risk and Compliance, incident response management, advanced security analytics and network forensics, security operation centre development, vulnerability management and ethical hacking, financial crime intelligence analytics, Darknet monitoring analytics, business intelligence, information security policy implementation and enforcement, training and awareness, information security management auditing, cybersecurity strategy formulation and governance frameworks, leadership administration and consulting on a diversity of cyber security products and technologies.