Cloud Security Podcast by Google EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy?
7 snips
Jul 22, 2024 Guest Adam Bateman, Co-founder of Push Security, discusses ITDR: its definition, benefits, and alternatives. Topics include workload vs human identity ITDR, common threats detected, and advice for implementation. The podcast explores the evolution of ITDR, its relationship with other security categories, advantages of browser telemetry, and specific threats addressed by ITDR tools.
AI Snips
Chapters
Transcript
Episode notes
ITDR: A Paradigm Shift in Security
- Identity threat detection and response (ITDR) is a security approach focused on detecting and responding to identity-based attacks, similar to endpoint detection and response (EDR).
- However, unlike EDR, identity doesn't have a specific domain, so ITDR sensors need to be deployed and integrated across various locations.
ITDR: Justifying Its Existence
- ITDR has robust reasons for its existence as a technology domain, distinct from simply renaming existing security modules.
- It aims to provide detection and response capabilities in the new domain of identity as an overall system, addressing the increasing attack surface online.
Benefits of Deploying ITDR
- Deploying classic ITDR provides out-of-the-box rules for visibility into identity-based attacks like impossible travel and MFA fatigue.
- This offers immediate value without needing to write custom rules in a security information and event management (SIEM) system.