Advanced Detection & response (AD&R)

What is AD&R?

  • AD&R is the rapid evolution of traditional detection and response, which is heavily challenged by quickly changing attacker techniques and by the growing threat from APTs to the public as well as the private sector.
  • Modern AD&R has elements in all five NIST Cybersecurity Framework functions (Identify, Protect, Detect, Respond, Recover), while classic detection and response covers only the last three: Detect, Respond, Recover.

Why it matters

  • The proliferation of the digital enterprise has opened up many attack vectors for cybercriminals, including the network, endpoints, cloud, OT and IoT.
  • The fast growth of e-crime and the advancement of attacker tooling have made advanced attacks easy to launch. Successful evasion of preventive controls is a matter of when, not if.
[Figure: AD&R maturity radar. X axis: time to adoption (0-2 years, 2-5 years, 5+ years); Y axis: area (AD&R); colored markers represent individual technologies.]

The landscape

Real-time prevention

Convergence of multiple monitoring technologies into overarching platforms

It enables extended multi-vector visibility and control, including endpoint detection and response (EDR), network traffic analysis (NTA), cloud analytics and more. On the functional side, use-case-based correlation and behavioral analysis are no longer separate SOC functions, but rather two of the several ways in which a single platform or service mines every dataset to capture the maximum number of threat indicators.
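To make the converged approach concrete, here is an added example (written for this page, not the platform's or any vendor's own logic) that feeds constructed EDR, NTA and cloud events through one engine. A logic-based stage (a hypothetical rule for an encoded PowerShell command line) and a behavioral stage (egress far above the host's historical median) are chained by host and by user inside one time window, so a single finding is raised instead of three unrelated alerts. The event fields, the rule, the baseline history and the thresholds are all assumptions for illustration.

```python
"""Cross-source correlation over constructed EDR, NTA and cloud events.

Added example, not code from the page or from any product. Event fields,
the detection rule, the egress baseline and thresholds are assumptions.
"""
from datetime import datetime, timedelta
from statistics import median

# Constructed sample telemetry (not captured from a real environment).
# A "src" tag lets one engine consume endpoint, network and cloud records alike.
EVENTS = [
    {"src": "edr", "ts": "2024-03-01T10:00:05", "host": "ws-17", "user": "alice",
     "proc": "powershell.exe", "cmd": "-nop -w hidden -enc SQBFAFgA..."},
    {"src": "nta", "ts": "2024-03-01T10:00:40", "host": "ws-17",
     "dst": "203.0.113.7", "dport": 443, "bytes_out": 48_000_000},
    {"src": "cloud", "ts": "2024-03-01T10:02:10", "user": "alice",
     "action": "CreateAccessKey", "ip": "203.0.113.7"},
    # Benign noise: interactive PowerShell without encoding, normal egress.
    {"src": "edr", "ts": "2024-03-01T09:10:00", "host": "ws-04", "user": "bob",
     "proc": "powershell.exe", "cmd": "Get-Date"},
    {"src": "nta", "ts": "2024-03-01T09:11:00", "host": "ws-04",
     "dst": "198.51.100.20", "dport": 443, "bytes_out": 120_000},
]

# Constructed per-host history of daily egress bytes: the behavioral baseline.
EGRESS_HISTORY = {
    "ws-17": [300_000, 450_000, 280_000, 510_000],
    "ws-04": [100_000, 150_000, 90_000, 130_000],
}


def _ts(event):
    return datetime.fromisoformat(event["ts"])


def _follows_within(later, earlier, window):
    """True if `later` happened after `earlier` and no more than `window` later."""
    delta = _ts(later) - _ts(earlier)
    return timedelta(0) <= delta <= window


def suspicious_process(event):
    """Logic-based stage: hypothetical rule for encoded PowerShell."""
    return (event["src"] == "edr"
            and event["proc"].lower() == "powershell.exe"
            and "-enc" in event["cmd"].lower())


def egress_outliers(events, history, factor=10):
    """Behavioral stage: NTA events whose egress exceeds factor x host median."""
    flagged = []
    for event in events:
        if event["src"] != "nta":
            continue
        baseline = history.get(event["host"])
        if baseline and event["bytes_out"] > factor * median(baseline):
            flagged.append(event)
    return flagged


def correlate(events, history, window_s=600):
    """Chain EDR -> NTA (same host) -> cloud (same user), each step within window_s."""
    window = timedelta(seconds=window_s)
    chains = []
    outliers = egress_outliers(events, history)
    for edr in filter(suspicious_process, events):
        for nta in outliers:
            if nta["host"] != edr["host"] or not _follows_within(nta, edr, window):
                continue
            for cloud in events:
                if cloud["src"] != "cloud" or cloud["user"] != edr["user"]:
                    continue
                if not _follows_within(cloud, nta, window):
                    continue
                chains.append({
                    "host": edr["host"], "user": edr["user"], "dst": nta["dst"],
                    "cloud_action": cloud["action"],
                    "stages": [edr["ts"], nta["ts"], cloud["ts"]],
                })
    return chains


if __name__ == "__main__":
    for chain in correlate(EVENTS, EGRESS_HISTORY):
        print(chain)
```

On the constructed data only the ws-17/alice sequence survives all three stages; the ws-04 activity never enters the chain because neither the rule nor the baseline check fires on it. Shrinking the window below the 35 seconds between the endpoint and network events breaks the chain, which is the knob an analyst would tune against the environment's observed dwell times.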

Real-time prevention

AI is currently being proven on single modules and functions before a fully AI-driven, autonomous or cognitive monitoring and response capability is envisaged.

AI will also make the SOC platform more intuitive for analysts, threat hunters and security managers to interact with. AI is expected to enable cognitive detection and response, building on developments in artificial general intelligence, before the end of this decade.

Top-down identification

The future has much more to bring, mainly in the following areas:

Commoditization of data analytics tooling: growing expertise in this area will continue to enable situational awareness far beyond what legacy logic-based rules and signatures, combined with low-volume, non-scalable monitoring solutions, can offer. Growing maturity in red teaming, threat simulation programs, the use of deception technologies and threat hunting will, taken together, further drive AD&R development, with the end goal of staying ahead of the attackers for a change.

Key figures

36%

of those technologies are either already adopted by most organizations or will be in the next two years.

50%

of those technologies are expected to be adopted in the next 2 to 5 years cycle.

14%

of those technologies are transformational, and widespread adoption will take over 5 years.