In episode 148 of Cybersecurity Where You Are, Sean Atkinson is joined by Rob Reese, Cyber Incident Response Team Manager at the Center for Internet Security® (CIS®); Dustin Cox, Cyber Incident Response Team Analyst at CIS; and Cliff Moten, Manager, Cybersecurity Solutions Engineering at CIS. Together, they discuss how organizations can use Managed Detection and Response (MDR) tools to help defend against zero-day attacks. Here are some highlights from our episode:

• 01.06. Demystifying zero-day vulnerabilities with a definition
• 02:36. Why zero-day attacks are some of the most serious threats facing organizations today
• 04:19. Examples of zero-day exploits and how these threats affect Incident Response (IR)
• 10:06. The importance of understanding your environment and patch management
• 13:58. How MDR assists with behavioral analysis, assembling holistic inventories, and IR
• 20:02. The role of asset inventories in determining scope and containing a zero-day incident
• 24:08. Why it's important to have humans managing and monitoring an MDR solution
• 27:11. MDR as a means of centralizing evidence of a zero-day attack
• 30:05. Parting thoughts for those concerned with their endpoint security posture

Resources

• CIS Managed Detection and Response™ (CIS MDR)
• Multi-State Information Sharing and Analysis Center®
• CIS Critical Security Control 1: Inventory and Control of Enterprise Assets
• CIS Critical Security Control 2: Inventory and Control of Software Assets
• The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity
• Real-Time Indicator Feeds
• Incident Response Policy Template for CIS Control 17

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.