AnnouncementCase StudyCheckmarkcustomer-story-iconData Sheethow-to-logoposts
skip to Main Content

Managed Detection
and Response services

Coverage from the cloud to your own network and endpoints

Give us 30 minutes to show you how we help companies that look like you

Thanks for clicking submit. Your message is now being directed to a real person.

MDR Solutions for you

Looking for a security makeover but don’t want a traditional SOC? We improve your security fast (hours or days … not months). It’ll be cheaper than DIY, the quality of our response is stellar and when investigations turn to incidents our median alert-to-fix timelines are shorter than the time it takes to deliver a pizza.

Peace of mind is nice.
You also get results you can see and measure

Reduce your …

SOC start-up time and cost
Skip the 12+ months and $2M+ to build your own SOC from scratch

Alert-to-fix time
When alerts go to analysts our median triage time is 3 minutes

Alert monitoring costs
Our analysts and bots evaluate each alert (including the ones you don’t have time to look at)

Get more …

Cloud security and visibility
Our detection and response approach is unique to each cloud provider

Response quality
Our roots are in incident response so we know which rocks to turn over and we’ll show you the details

Analyst time for risks unique to you
Since we’re chasing down alerts your team can focus on risks unique to you

“BYO-tech” managed detection and response

(get the most outta what ya got)

 

We plug into the cloud services and security tech you already own. We’ll tell you 24x7 when there’s something you need to care about, why and what you need to do to make sure your secrets stay secret.

Managed detection and response (MDR) is managed security that gives you what MSSPs promised … but never delivered

Managed Detection
Proactive threat hunting We go find the attacks your products don’t alert on and which only a human can find
Expel detection rules High fidelity alerts from Expel-curated rules based on simulated and real-life attacks
XDR alert analysis API-integration to your cloud services, EDR, network and SIEM tools let us investigate as if we are in your office
Alert triage by Josie™ Our bot, Josie, evaluates each alert and weeds out false positives so our human analysts focus on alerts that require judgement
Alert enrichment with benchmarks We add details about IPs, hashes and domains and tell you how often each alert leads to an incident
Alert signal visibility See which cloud instances and security tech generate the highest-quality alerts and investigative data
Response
Incident validation and notification One click gets you detailed analysis including answers to what happened, where, when, why and how
Ruxie™ investigative bot Our bot, Ruxie, automates investigative steps so our human analysts get the info they need before they ask for it
Remote response Our analysts investigate and give you detailed reports (written in plain English!) with clear actions
Containment and remediation actions We go as far as you want … from telling you what to do … to pushing the button to contain threats
Alert-to-fix timeline See how long it takes our analysts to go from initial alert to remediation (and each step along the way)
Threat-specific reporting See attack diagrams, maps and timelines specific to threats like commodity malware and BEC
Resilience recommendations We’ll give you detailed guidance on how to improve and get at the root cause of repeated incidents
How we work
See what our analysts see We like company, so you get to share the same view as our analysts via the Expel Workbench
“BYO-tech” approach We’ll use the security tools you already invested in, not make you buy ours (and we don’t sell tools)
Slack comms with our SOC Talk live with our analysts any time via a dedicated Slack channel
Metrics to support ROI We show you what we’re doing as we do it, and calculate metrics so you can hold us accountable
API for custom reporting If you can click on it in our user interface you can automate it with our API and your own code
Security device monitoring While we don’t patch and upgrade your tools, we make sure they’re configured right … and stay that way
Easy to turn on (and off) We don’t take hostages. If we’re not meeting your needs it’s as simple to turn us off as it is to turn on

MDR services give security teams the ability to find, investigate and remove attackers from the environment long before traditional security tools’ alarm bells ring.

— Forrester Research, Inc., “Now Tech: Managed Detection And Response (MDR) Services, Q2 2018,” April 26, 2018.

Give us 30 minutes to show you how we help companies that look like you.

Back To Top