Automated and AI-based endpoint, detection and response (EDR) solutions are adept at finding anomalies across your network, but not without a major pain point: Too often, they lack the context to understand when an anomaly is a perfectly acceptable sanctioned event, according to Maurice Stebila, CISO at Harman International Industries, a division of Samsung that manufactures visual and audio devices, connected car systems, enterprise automat​ion solutions and connected services.

Security analysts end up wasting their time investigating these sanctioned events, instead of focusing on potentially more serious anomalies that might actually constitute a threat, continued Stebila, in an interview with SC Media at the 2020 RSA cybersecurity conference.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.