• EP194 Deep Dive into ADR - Application Detection and Response

  • 2024/10/14
  • Duration: 31 min
  • Podcast

  • Summary

  • Guest:

    • Daniel Shechter, Co-Founder and CEO at Miggo Security

    Topics:

    • Why do we need Application Detection and Response (ADR)? BTW, how do you define it?
    • Isn’t ADR a subset of CDR (for cloud)? What is the key difference that sets ADR apart from traditional EDR and CDR tools?
    • Why can’t I just send my application data - or eBPF traces - to my SIEM and achieve the goals of ADR that way?
    • We had RASP and it failed due to instrumentation complexities. How does an ADR solution address these challenges and make it easier for security teams to adopt and implement?
    • What are the key inputs into an ADR tool?
    • Can you explain how your ADR correlates cloud, container, and application contexts to provide a better view of threats? Could you share real-world examples of types of badness solved for users?
    • How would ADR work with other application security technologies like DAST/SAST, WAF and ASPM?
    • What are your thoughts on the evolution of ADR?

    Resources:

    • EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud
    • EP143 Cloud Security Remediation: The Biggest Headache?
    • Miggo research re: vulnerability ALBeast
    • “WhatDR or What Detection Domain Needs Its Own Tools?” blog
    • “Making Sense of the Application Security Product Market” blog
    • “Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem” book