Microsoft Defender + Red Canary: Stop threats. Accelerate value.

00:33 Presenter Introduction

01:31 Webinar Agenda

02:16 What does an effective modern SecOps program look like?

2:32 Characteristics of an effective SecOps program: Scalable, cost effective, talented team, automation, 24 x 7 capabilities, covering entire enterprise, peace of mind, no staff burnout 

8:58 The Evolution of Security Operations

10:35 “A security operations platform underpinning [MSSP, MDR, EDR, and XDR] gives you the ability to grow and evolve and not have to worry about the tech and integrations that need to be built – that’s the platform’s job.” – Cordell

10:53 Increasingly Sophisticated Attackers

11:07 – “Attackers are increasing in sophistication…Via ransomware and many other improved tactics and techniques, at least half of all incidents were able to avoid detection for weeks, months, or even years.” – Cordell

12:08 Customer Q&A: CoStar Group

12:21 How has CoStar’s SecOps program grown & how has Red Canary helped?

13:25 “The 24 x 7 [support] is critical. We have a small security team and trying to build out 24 x 7 support [internally] is a huge task and extremely expensive, so having the support [from Red Canary] allows us to go home at night and sleep easily…We know we have a team of highly skilled professionals 24 x7 behind us that’s an extension of the CoStar team and having that allows us to invest time and resources in other things besides cybersecurity response.” – Grover

15:50 What are some challenges CoStar’s security operations team faces?

15:59 “Talent is very difficult to find, and it’s even more difficult to find the appropriate talent for your business…To overcome this, we’ve started focusing on college hires. College hires are much easier to get in the door and are more energetic and eager to learn [new technology].” – Grover

19:18 How has the CoStar team addressed these challenges?

21:29 “A big challenge for security teams is getting the products you need and getting budget for it. CoStar is no exception. Moving over to the Microsoft platform and the E5 license…was for the entire business to take full advantage of all Microsoft offerings. We were able to bundle our security budget for XDR and AV into the same budget as all of the Microsoft Office licenses, [which] saved several hundreds of thousands of dollars from our budget.” – Grover

23:21 What are the key benefits of Microsoft Defender + Red Canary?

24:05 – “The level of detection fidelity in providing relevant intelligence around [an alert] – what’s the MITRE ATT&CK® technique, is it associated with a group, etc. That’s a huge benefit to my team – we’re not professional forensicators. Having those key bits of information upfront is a lot faster than us having to [search online] and guess what type of malware we’re dealing with.” – Grover

29:31 Microsoft Defender Demo + Use Cases

37:00 Red Canary Demo + Use Cases

53:01 Key Takeaways

53:43 Questions & Answers