Does your security program suffer from piecemeal detection and response?


Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include:


- Multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud)
- Spending too much time or energy on integrating detection systems
- An underperforming security orchestration, automation and response (SOAR) system
- Only capable of taking automated responses on the endpoint
- Anomaly detection in silos (e.g., network separate from identity)

If any of these symptoms resonate with your organization, it’s time to address PDR.


I know what you’re thinking: PDR isn’t really a thing. You’re right. The security industry already has an overloaded number of “DR” terms, like EDR, NDR, CDR, MDR, XDR, TDIR, etc., and there’s no industry PDR term among them, but the sentiment behind our playful acronym is certainly real. Case in point: look at the number of “DR” acronyms in the previous sentence. The industry as a whole is fragmented, and this has resulted in many enterprises suffering from PDR.


Why PDR happens


PDR side effects often include malaise, restlessness, a sense of unmanaged risk, a willingness to get distracted by generative AI, a compulsion to attend conferences outside of the office and an uncharacteristic joyfulness when attending budget meetings. This all results from the fact that the road to recovery from PDR can often be difficult. How did you get PDR anyway?


PDR may have snuck into your security program. You were happy with your SIEM and then extended d ..
