Managed Detection and Response (MDR)
Next Generation MDR
Technology is as important to the service as the service is to the technology. Using legacy endpoint technology only hinders your ability to investigate and respond. Just as the best race cars in the world require trained drivers, the best technology requires that you know how to use it. This is why we leverage market-leading technology coupled with the most comprehensive service in the industry.
MDR Service Approach
Our MDR approach includes complete coverage of Event Detection, Event Prioritisation, Event Investigation, and Incident Response.
Event Detection and Prioritisation
Alert monitoring, triaging, and prioritisation of events are critical to limiting the damage of a cyber attack.
Threat Hunting
Threat hunting with actionable threat intelligence, machine learning, and clear indicators of compromise.
Investigation
Advanced investigation services that ensure timely response, forensically preserve data, and ensure cyber insurance compliance.
Remediation
Ability to take a host offline to prevent spread and get your business restored quickly.
MDR Technology
Our MDR service is powered by industry-leading technology. Coupled with our four-phase approach, the features of our next generation MDR service include:
- A single agent for detection, data loss prevention, and reporting.
- Best-in-breed machine learning
- Does not rely on legacy signature technology
- Integrated threat intelligence
- Full EDR support for Windows, Mac, and all Linux/Unix flavours
- Google-like malware search and analysis capability
- Ability to quarantine hosts for live forensic investigation
- Full Sysmon data extraction for MSSP integration
- Device Control and Data Loss Prevention
- Vulnerability Scanning
MDR Certifications and Capabilities
- Fully Certified Staff
- PCI DSS compliant
- NIST 800 Series Compliant
- MITRE ATT&CK Framework Compliant
- SOC 2 TSP Security Conforming
- ISO27001 Compliant
- PSFP/ISM Compliant
- And more!
Managed Detection and Response – Technology Integrations
If you have an MSSP and they're trying to achieve MITRE compliance, you need Sysmon data. Our solution can integrate Sysmon data with all SIEM and MSSP technologies on the market today. Our technology can cull useless Sysmon information and feed only the high-fidelity data.