OT security, i.e. the protection of operational technology, production facilities, industrial plants or infrastructure facilities, is still in the shadows.
Endpoint Detection and Response solutions provide more comprehensive defenses than conventional antivirus software and can detect fileless attacks launched through legitimate Windows programs.
Monitoring the network infrastructure is an important addition to existing monitoring measures. It complements the information provided by a SIEM system.
One of the biggest challenges companies face during a SIEM implementation is deciding which attack scenarios the SIEM system should detect and how those scenarios should be prioritized.