Why
Managed detection and response (MDR) services combines threat hunting with response services to detected threats to lower the mean-time-to-response (MTTR) that traditional MSSPs suffer from when providing traditional monitoring services.
MDR arose out of the need for organizations that lack the resources and time to respond to every detected threat that is escalated from the MSSP. Instead of passively monitoring a SIEM, MDR enables the MSSP to perform round-the-clock threat hunting and mitigation of those threats found. In addition, endpoint detection and response (EDR) is monitored and leveraged by the MSSP to perform threat hunting and response efforts.
How
SecReliant leverages our customer’s existing EDR solution rather than forcing an overhaul of every endpoint to a proprietary agent used by SecReliant. Organizations shouldn’t conform to the tools used by the MSSP, the MSSP should provide the human analytic rigor irrespective of the tool used. After all, security isn’t a technology problem, it’s a human problem.
What
When providing MDR services, SecReliant:
- Monitors and manages the existing EDR solution the client is using or recommends an EDR platform if one hasn’t yet been rolled out
- Performs round-the-clock threat hunting to quickly identify threats to lower the mean-time-to-detection (MTTD)
- In order to lower mean-time-to-response (MTTR), SecReliant will immediately mitigate threats and isolate hosts when threats are identified