Cloud Security Podcast by Google

EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy?

Jul 22, 2024

Guest Adam Bateman, Co-founder of Push Security, discusses ITDR: its definition, benefits, and alternatives. Topics include workload vs human identity ITDR, common threats detected, and advice for implementation. The podcast explores the evolution of ITDR, its relationship with other security categories, advantages of browser telemetry, and specific threats addressed by ITDR tools.

28:20

Creator website

Episode guests

Adam Bateman

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

ITDR focuses on detecting and responding to identity attacks, extending beyond on-premises to safeguard cloud identities.

Incorporating browser-based telemetry enhances ITDR's detection capabilities for identifying cloned sites and monitoring unmanaged identities.

Deep dives

Overview of ITDR

ITDR, which stands for Identity Threat Detection and Response, focuses on detecting and responding to identity attacks similar to how EDR deals with endpoint attacks. The evolution of ITDR indicates a shift towards safeguarding not just on-premises active directory attacks but also addressing incidents like phishing attacks that occur within browsers. The emphasis on cloud identities and capturing telemetry directly from browsers highlights the need to extend security measures beyond traditional methods, adapting to the evolving attack landscape.

Intro

2min

Evolution and Importance of ITDR in Cybersecurity

10min

Exploring the Relationship Between Identity Security Posture Management and Other Security Categories

2min

Advantages of Browser Telemetry for Security

6min

Understanding Threat Detection and Response in ITDR Tools

9min

Guest:

Adam Bateman, Co-founder and CEO, Push Security

Topics:

What is Identity Threat Detection and Response (ITDR)? How do you define it?
What gets better at a client organization once ITDR is deployed?
Do we also need “ISPM” (parallel to CDR/CSPM), and what about CIEM?
Workload identity ITDR vs human identity ITDR? Do we need both? Are these the same?
What are the alternatives to using ITDR? Can’t SIEM/UEBA help - perhaps with browser logs?
What are some of the common types of identity-based threats that ITDR can help detect?
What advice would you give to organizations that are considering implementing ITDR?

Resources:

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Cloud Security Podcast by Google

EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy?

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Overview of ITDR

Distinguishing ITDR from Predecessors

Integration and Comprehensive Approach in ITDR

Challenges and Novel Aspects of Identity Threat Detection

Remember Everything You Learn from Podcasts