As offensive security specialists for over 10 years, we have tested countless organisations who believe their SIEM, EDR or MDR provider offers them comprehensive defense, only to find them lacking in fundamental areas.
From our experience, some “traditional” in-house, yet adequately resourced, Security Operations Centres (SOCs) can still provide a robust defense, while others struggle to stay on top of emerging threats. Similarly, while the latest defensive iterations (MDR, XDR) typically present a tougher challenge, others fail to detect and respond to the evolving tactics, techniques and procedures (TTPs). It’s clear that the newest acronym does not automatically equate to better security.