Security professionals never complain about boredom. Our lives are full of surprises caused by an ever-changing threat landscape and curveballs thrown by our business colleagues. Few, if any, of those surprises compare to the impact the COVID-19 pandemic has had on the technology environments we struggle to protect.
Visibility has become a particular weak point as workforces have adapted to a new virtual reality. To detect and respond to threats, we need visibility into the multiple environments and technology layers our organizations are using. Traditionally, security operations centers (SOC) used tools such as endpoint detection and response (EDR), network detection and response (NDR), and security information and event management (SIEM), a combination of technologies commonly referred to as the "SOC triad," to address this need. Due to the current climate, organizations have rushed processes to deploy technologies to enable remote work. As a result, many security teams found traditional tools are now blind to many new and emerging threats that have resulted from this scenario.