Badges
35 Points
4 Years
User Activity
Almost 3 years ago
Answered a question: What are the main differences between XDR and SIEM?
XDR as a solution is still evolving and means different things to different organizations.
Each vendor has a different spin on XDR as they try to win the market and enterprises struggle to figure out what XDR includes and doesn't.
I try to take a simpler approach as XDR…
About 3 years ago
Answered a question: Which is better - SentinelOne or Darktrace?
Both @Janet Staver and @ITSecuri7cfd are spot on.
As a security vendor, like ITSecuri7cfd points out, one tool is for the endpoint and one tool is for the network side.
If you looking for an EDR tool, you should look to compare solutions from Carbon Black, Crowdstrike…
Over 3 years ago
Answered a question: How does Network Detection and Response (NDR) Differ from SIEM?
NDR and SIEM are two different types of tools used by security professionals.
You don't need a SIEM to run an NDR solution or vice versa. Larger organizations or mature organizations tend to have both in addition to other tools like EDR and SOAR.
Today's NDR's are…
Over 4 years ago
Answered a question: What are your top considerations when choosing a Network Traffic Analysis tool?
1. Visibility, ability to provide deep insight into all of the network traffic.
2. Analytic engines, the ability to use multiple detection engines like ML-based, Zeek, Suricata, etc.
3. Scale, ability to address policy requirements for N/S and E/W deployments on-prem or in…
Over 4 years ago
Answered a question: What is the biggest difference between Corelight and Vectra AI?
Corelight is a Zeek based solution for network behavior analysis and Vectra AI is a User Behavior based solution. If you are comparing these 2 systems you are comparing apples to oranges. You shouldn't be evaluating these products against each other as they address…
Over 4 years ago
Answered a question: What is the best IDPS security tool and why?
I find this question very interesting.
We, Bricata, provide an IDS solution that when purchased one of the many deployment strategies is to put it right behind the "Tier 1" NGFW/IDPS solutions in the market. I believe this is due to the fact that we provide detailed…
Answers
Almost 3 years ago
Security Information and Event Management (SIEM)
Over 3 years ago
Security Information and Event Management (SIEM)
Over 4 years ago
Network Traffic Analysis (NTA)
Over 4 years ago
Intrusion Detection and Prevention Software (IDPS)
Over 4 years ago
Intrusion Detection and Prevention Software (IDPS)