Incident & Breach Response , Next-Generation Technologies & Secure Development , Security Operations

Using XDR to Detect Ransomware, Supply Chain Attacks

Gartner's Peter Firstbrook Analyzes Detection Methods
Peter Firstbrook, vice president, Gartner

Extended detection and response, or XDR, can play an important role in improving the detection of ransomware and supply chain attacks, says Peter Firstbrook of Gartner.

See Also: Combat IT Team Burnout by Embracing Automation

Organizations are tracking behavior on the endpoints, on the network and on email, he says, "but attacks cut across all of these security controls - email gateway controls, firewall controls, endpoints controls.

"We treat incident response on these various points differently. What XDR is saying is that all of these are part of the same attack. So XDR is integrating incident response experience and their workflow and contextualizing them."

In a video interview with Information Security Media Group, Firstbrook also discusses:

  • How best to respond to supply chain attacks;
  • The state of IT security;
  • How XDR can play a role in analyzing threats.

Firstbrook is a vice president and analyst with Gartner. He has more than 20 years of experience as an industry analyst, helping clients improve their security posture to defend and respond to hacking, ransomware and phishing attacks.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.