Corelight’s Alex Kirk explains why ‘you have to have the N’
Tom Field (Security Editor)
January 11, 2022
XDR is new to the market, and confusion remains about what it is and what it isn’t. Corelight’s Alex Kirk likes to dispel the myth that it’s all about endpoint security. “You have to have the N,” he says, meaning network technology. In this interview, he dispels the myths and exposes the possibilities.
In this video interview with Information Security Media Group, Kirk explains:
- How XDR differs from other solutions;
- The critical importance of network technology;
- XDR’s relationship with SIEM.
Kirk is a veteran open source security evangelist with a strong engineering background. In 10 years at Sourcefire Research (VRT), he wrote the team’s first malware sandbox and established its global customer outreach and intelligence sharing program. He has spoken at conferences around the world on topics ranging from “Malware Mythbusting” to “Using Bro/Zeek Data for IR and Threat Hunting” and was one of the authors of “Practical Intrusion Analysis”, a textbook often used for university courses on IDS. His security engineering background also includes time at Cisco and Tenable.