Managed Detection and Response (MDR) services provide modern security operations centre (SOC) capabilities focussed on quickly detecting, investigating and actively mitigating cyber security incidents. Our MDR service offers a complete cyber security technology stack to monitor your entire infrastructure including endpoints, network devices and cloud systems.
How this works
We utilise tools such as endpoint security software, security incident and event management (SIEM) and security orchestration, automation and response (SOAR) to collect logs, data and contextual information. This telemetry information enables our team of specialists to actively hunt for threats and respond to incidents. All of this is backed up by threat intelligence from a range of industry-leading threat intelligence organisations and open-source databases.
To understand Managed Detection and Response (MDR), it is worthwhile explaining two other disciplines which make up our MDR offering. These are Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR).
Endpoint Detection and Response (EDR)
The endpoint is still a significant origin for cyber security breaches, especially in a hybrid working environment. Traditional signature-based anti-virus will not catch a significant number of today’s threats. Therefore, a more comprehensive approach is needed.
Our EDR solution, powered by Cisco Secure Endpoint, combines behavioural analytics, machine learning, and signature-based techniques to stop threats from compromising your endpoints.
Extended Detection and Response (XDR)
XDR expands on EDR by including other critical areas of your infrastructure including network and cloud environments. Our XDR solution ingests data from multiple sources such as firewalls, secure web gateways (SWG) and cloud environments such as AWS.
We then integrate these multiple systems and provision powerful security automation and response plays such as blocking suspicious IPs at the firewall, locking out users from critical apps via Zero Trust controls or isolating a user’s PC if a compromise is suspected.
Industry-leading MDR technology
We have adopted the latest industry innovations which have been specifically chosen to connect and protect your critical infrastructure. We integrate Cisco networking and security technologies, SecureX automation and orchestration and AT&T Cybersecurity’s USM Anywhere platform to create a truly unique offering.
Reducing incident response times
Our MDR service provides you with unified visibility and automation across your private network, endpoints, cloud environments and encrypted traffic. This means we can eliminate time-consuming tasks and shorten the time spent on threat hunting.
In turn, we can reduce the mean time to detection (MTTD) and mean time to respond (MTTR), meaning we can lessen incident response times by up to 85% and cut the amount of dwell time attackers have on your systems.
Comprehensive threat intelligence
Protos Networks’ MDR services use multiple industry-leading sources of threat intelligence to ensure that our customers are protected against the latest emerging cyber threats.
Some of the key threat intelligence sources our SOC utilises include AT&T Alien Labs, the Open Threat Exchange (OTX) and Cisco Talos – the world’s largest non-governmental threat intelligence agency. By partnering with both Cisco and AT&T, we gain unparalleled threat visibility due to the global footprints of both organisations.
Risk-based vulnerability management
As a bolt-on to our MDR service, Protos Networks can also provide a dedicated vulnerability management service as part of our engagement.
Our service – managed in the cloud and powered by industry-leading Tenable.io software – scans your systems for more than 59,000 known vulnerabilities and configuration issues. Our team then sends your IT team easy-to-understand, risk-based reports to advise on which vulnerabilities to fix first.