What You Should Expect from an Effective MDR Provider

Uncategorized | Posted on August 14, 2018 by schap

Organizations are always looking to improve their security defenses, especially when their current approaches are not meeting business or strategic expectations or fail to offer full protection. In the Market Guide for Managed Detection and Response (MDR) services (May 2017), Gartner points out that threat detection and incident response are becoming top priorities for enterprises that are moving away from traditional, prevention-only approaches.

Many organizations are unfamiliar with managed detection and response services and have often turned to alert-based threat protection services that were never designed to handle or investigate advanced attacks. Therefore, it’s important to understand the option of an MDR such as FireEye as a Service, and what to look for when searching for a partner to provide such services.

According to Gartner’s Market Guide for MDR, managed detection and response improves threat detection and incident response capabilities via a turnkey approach to detecting threats that have bypassed traditional security measures.

However, an effective MDR not only detects threats that evade traditional security, but also incorporates proactive hunting and in-depth investigative capabilities to establish the possible identity, motivations, targets, timing, and methodology of potential attackers.

Many providers claim to offer MDR. From traditional managed security service providers (MSSPs) to pure-play MDR providers, most are new to the security space. You need clear criteria to help identify who you can trust to fully protect your data.

FireEye recommends evaluating MDR providers against these five capabilities:

  • Threat Intelligence is the foundation for detection: Advanced threat detection starts with thinking like an attacker in order to anticipate their next move.
  • Hunting is an iterative process: Hunting must be viewed as a continuous iterative process of discovery and development.
  • Hunting drives technology innovation: Hunting insights should be translated into new product detection capabilities.
  • Incident investigation provides answers, not alerts: An intel-led approach combining analyst-driven detection to drive targeted investigations.
  • Rapid, definitive remediation and response: A full spectrum of response capabilities to match the scope of different attacks to the specific needs of an organization.

For an in-depth look at how to evaluate MDR providers, download our new ebook: A Buyers Guide for Managed Detection and Response Services.

FireEye as a Service is a managed detection, investigation and response service that leverages industry-recognized cyber security expertise and threat intelligence to accelerate detection and investigation of cyber attacks.

This article was originally published here.

