Managed Detection and Response (MDR)
Managed detection and response (MDR) is an outsourced service that provides organizations with threat hunting services and responds to threats once they are discovered. It also involves a human element: we provide our MDR customers access to our pool of security researchers and engineers, who are responsible for monitoring networks, analyzing incidents, and responding to security cases.
MDR is more focused on threat detection than on compliance. The services are delivered using our own set of tools and technologies, but are deployed on the users’ premises. The technology stack often deals with host- and network-based solutions. SmartIT will be responsible for managing and monitoring these tools. The tools are placed to guard Internet gateways and can also detect threats that have passed traditional perimeter security tools. The techniques we use may vary: some rely solely on security logs and others use network security monitoring or endpoint activity to secure your network.
Managed detection and response relies heavily on security event management and advanced analytics.
While some automation is used, managed detection and response usually involves security analysts monitoring your network round the clock. Security analysts also analyze security events and alert the customer. Customers can expect to have direct interactions with the analysts rather than relying on a portal or a dashboard when it comes to alerting, investigating security events, case management, and other activities.
We also perform incident validation and remote response. This means if you need to identify indicators of compromise, reverse engineer a piece of malware, or do some sandboxing, you can rely on SmartIT for all these things. You can even consult with us on how to remedy or contain security vulnerabilities.