Managed Detection and Response:

October 22, 2019
  • Visibility: Signal sources such as endpoints, IPS/IDS, logs, cloud, vulnerabilities, etc.
  • Fidelity: The depth of information provided by each of the signal sources
  • Detection capabilities: Ability of the provider to detect known and unknown attacker methodologies using commoditized and advanced methodologies
  • Response: Delineation of provider and client responsibilities from investigation, alert, containment and recovery
  • Security Operations Center (SOC)-as-a-Service/Managed Security Information and Event Management (SIEM)
  • Endpoint Detection and Response (single telemetry)
  • Managed Detection and Response (multi-telemetry)
  • Managed Detection and Response (full telemetry)
  • The current marketplace definition of MDR
  • Technical criteria for evaluating MDR providers
  • The strengths and weaknesses of each of the seven categories of MDR
  • Takeaways for informed decision making