EP194 Deep Dive into ADR - Application Detection and Response
Guest: Daniel Shechter, Co-Founder and CEO at Miggo Security Topics: Why do we need Application Detection and Response (ADR)? BTW, how do you define it? Isn’t ADR a subset of CDR (for cloud)? What is the key difference that sets ADR apart from traditional EDR and CDR tools? Why can’t I just send my application data - or eBPF traces - to my SIEM and achieve the goals of ADR that way? We had RASP and it failed due to instrumentation complexities. How does an ADR solution address these challenges and make it easier for security teams to adopt and implement? What are the key inputs into an ADR tool? Can you explain how your ADR correlates cloud, container, and application contexts to provide a better view of threats? Could you share real-world examples of types of badness solved for users? How would ADR work with other application security technologies like DAST/SAST, WAF and ASPM? What are your thoughts on the evolution of ADR? Resources: EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud EP143 Cloud Security Remediation: The Biggest Headache? Miggo research re: vulnerability ALBeast “WhatDR or What Detection Domain Needs Its Own Tools?” blog “Making Sense of the Application Security Product Market” blog “Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem“ book