Episode 148: How MDR Helps Shine a Light on Zero-Day Attacks
In episode 148 of Cybersecurity Where You Are, Sean Atkinson is joined by Rob Reese, Cyber Incident Response Team Manager at the Center for Internet Security® (CIS®); Dustin Cox, Cyber Incident Response Team Analyst at CIS; and Cliff Moten, Manager, Cybersecurity Solutions Engineering at CIS. Together, they discuss how organizations can use Managed Detection and Response (MDR) tools to help defend against zero-day attacks.
Here are some highlights from our episode:
- 01:06. Demystifying zero-day vulnerabilities with a definition
- 02:36. Why zero-day attacks are some of the most serious threats facing organizations today
- 04:19. Examples of zero-day exploits and how these threats affect Incident Response (IR)
- 10:06. The importance of understanding your environment and patch management
- 13:58. How MDR assists with behavioral analysis, assembling holistic inventories, and IR
- 20:02. The role of asset inventories in determining scope and containing a zero-day incident
- 24:08. Why it's important to have humans managing and monitoring an MDR solution
- 27:11. MDR as a means of centralizing evidence of a zero-day attack
- 30:05. Parting thoughts for those concerned with their endpoint security posture
Resources
- CIS Managed Detection and Response™ (CIS MDR)
- Multi-State Information Sharing and Analysis Center®
- CIS Critical Security Control 1: Inventory and Control of Enterprise Assets
- CIS Critical Security Control 2: Inventory and Control of Software Assets
- The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity
- Real-Time Indicator Feeds
- Incident Response Policy Template for CIS Control 17
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.