As DevOps, CI/CD, Cloud adoption, Infrastructure as Code adoption speeds up, being able to properly defend and detect against these workloads is getting more and more critical.
I've seen the topic of Detection as Code cropping up more and more lately; things like using CI/CD to help develop, test, deploy and respond to new and novel detections using things like Sigma, Yara, etc. are becoming more and more popular.
What things is NetWitness doing to move with this changing environment to help us admins/analysts continue to use NetWitness effectively?
Unfortunately I don't have the answers you are looking for. However, I have sent an email to some of our Product Managers to see if they might be able to provide an answer to your question. I've asked them to reply directly to this thread so I'm not a bottleneck. I'm hoping they will be able to talk to these new threats and how NetWitness can be used to address them.