Black Hat 2024: How to Get Ahead of the Security Curve with MDR
Curt Aubley, COO and chief product officer at Deepwatch, joins Dark Reading's Terry Sweeney at News Desk during Black Hat USA to discuss how customers can adapt to a highly dynamic attack surface.
For Curt Aubley, COO and chief product officer at Deepwatch, it's less about product dogma and more about a customer's desired outcome for managing their cloud data and keeping it secure. And while SIEM may be at one end of the continuum and managed detection and response (MDR) at the other, those options vary widely based on the customer, he tells the Dark Reading News Desk during Black Hat USA.
Some customers have the budget and company size to invest in all the engineering and architecture work required to have their own SIEM. Others don't have the budget or the organizational requirements, and gravitate toward MDR or extended detection and response. And then there are customers who use a mix of technologies. "I don't think it's usually one or another type of an option — it's more of what outcomes can you achieve and have you been able to optimize your cyber spend," Aubley notes. "We take a very open approach. We take the best that the industry has and then we put our technology around it."
Aubley also reports they're seeing a customer need for deeper AI inside enterprise cloud firewall management ("Yes, they're still out there," he says). "Some 68% of all attacks are now using identity, but it's just not getting a deeper knowledge of AI for that investigation, that bringing everything together," Aubley says. "We start to remediate, we learn more, and we might want to isolate and remediate identities. It's also a coordinated active response so that you can isolate," he says.
Curt Aubley is an entrepreneurial collaborative leader that drives the thought leadership, vision, and strategy that delivers next generation disruptive technology, cyber solutions, and innovations. Curt has held executive CEO / CTO / CIO / CSO / CISO positions at OAO, MightyView, Lockheed Martin Information Systems & Global Services, Intel Corporation, CrowdStrike, and most recently Deloitte. The technology areas of focus include next generation operational excellence capabilities, cyber security products & solutions, cloud computing, Zero Trust Architectures (ZTA), Big Data / AI / machine learning, IOT, Network Function Virtualization (NFVi), Software Defined Networking (SDN), IOT (Embedded solutions), SASE, innovation programs, Threat Intelligence, and end to end solution transformations.
Curt is also an accomplished public speaker and author. His technical credentials include CrowdStrike Certified Responder / Hunter / Administrator, Certified Information System Security Professional (CISSP), Certified / Qualified Ethical Hacker (CEH/QEH), Certified Information Security Manager (CISM), NSA INFOSEC Assessment & Evaluation Methodologies (IAM & IEM), and Microsoft Certified Systems Engineer (MCSE). He received his B.S. in Electrical Engineering from Northeastern University, Boston, MA, completed computer engineering graduate work while attending the Air Force Institute of Technology, completed the MIT Sloan Innovation & Product program, and is currently a doctoral candidate at Capitol College.