MDR Works
MDR services provide a wide array of security services, including alert monitoring, alert prioritization, investigation, and threat hunting. They apply artificial intelligence models to endpoint, network, and server data in order to correlate and prioritize advanced threats. By investigating prioritized alerts, our threat researchers can then work with organizations to provide a detailed remediation plan.
The diagram below shows how the MDR process is designed to respond to threats.
Detection
Our threat researchers continuously monitor an organization’s network and endpoint data, performing threat sweeps to look for specific indicators of compromise, and from there make threat prioritization decisions.
Analysis
Once a detected potential threat is correlated and prioritized, a team of qualified security operations center (SOC) personnel investigates the origin and scope of the attack, then produces a detailed analysis of the threat and its impact.
Response
Our threat researchers will alert the organization to the incident and will also provide root cause analysis, mitigation recommendations, and toolkits to help the organization handle the incident.