Discussion about this post

Erik Klein

Amazing summary. Totally agree on ASPM + CADR (ideally both at runtime).

To address your last paragraph, I personally believe that the people who are obsessed with CNAPP often don't fully understand insecure code (or any code) and that with port 443 wide open inviting attackers in the front door, there's insecure code waiting to be exploited on the other end ... it's the path of least resistance and the most challenging to fix (partly because it involves developers getting involved). Why else would the Verizon DBIR indicate in 2023 that 80% of security incidents involve insecure software?

Jyoti

You have a blog post written on CADR, is CADR like XDR again? Because XDR was this snake oil where you took a log event from a firewall, from a cloud and tried to link them together, which makes 0 sense. Is CADR the same, where you take a log event from CDR, ADR and combine them? This would never work. A cloud event is different from an application event.
