Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.
"Analyzing the 24/7 Security Operations of Sophos NextGen and MDR"
The overall experience with Sophos NextGen End Point, Firewall and MDR is very much appreciable as it truly delivers instant SOC as a service with complete peace of mind by monitoring 24X7.
"Maximizing Network Security with Arctic Wolf"
My company has been an Arctic Wolf customer for 6 months or so, and during that time, we've been very pleased with the level of service they have provided. We considered multiple vendors before we settled on Arctic Wolf, but we felt that AW's size and cost were both advantages over some others we looked at. We wanted a partner that had enough clients around the world that it would hopefully be exposed to a lot of threats and would therefore be able to recognize the tell-tale signs of almost anything that might threaten us. We think we found that with AW but at a much better price than some of its competitors. AW assigns its clients a concierge security team to be the go-to guys for all incidents or questions. I've been very pleased with our team so far. They are very helpful and will dig into the data they receive from us to help us understand any issues we might encounter. We've used an on-premise SIEM product for a few years that was very nice, but we just don't have the manpower and expertise to operate that to its maximum potential. This was one of the main reasons we decided to outsource that service. So now our AW team takes on that burden for us and can keep an eye on everything 24x7. They notify us when they see something unusual and they can even take action themselves to stop problems from spreading and getting bigger. Bottom line, in the past I always had a fear of something happening inside our network with my knowledge. Now, I feel like we're much more prepared to stop anything before it has a chance to do much damage.
"Exploring the Real-Time Threat Detection of SentinelOne Vigilance"
I have found SentinelOne Vigilance Response to be generally quite good. The features of threat identification in real-time and the immediate response to incidents have been particularly useful for protecting our organization from threats like ransomware and malware. This way it is known that there is constant vigilance and immediate intervention as soon as the possibilities of threats emerge. However, there were cases of false positives that mounted further inquiries which were somewhat time-consuming. However, serving the comfort of knowing that our cybersecurity is in trusted hands in which we do not need a specific internal team is very useful.
"Falcon's Enhanced Endpoint Security"
Falcon provides the potential to improve our ability to safeguard our assets and respond quickly to possible attacks. Its real-time monitoring and alerting system allows us to detect and investigate potential threats promptly. This visibility is critical for identifying both known and unknown threats, including advanced malware and zero-day attacks. One of the features of Falcon is machine learning and behavioral analytics, which helps to enhance threat detection. It works by evaluating the endpoint behaviors and correlating them with global threat intelligence, which helps us to differentiate between normal and suspicious actions. By employing Falcon capabilities, it thus helps to constantly refine our processes to be better equipped to defend against the evolving threat landscape and safeguard our organization's critical assets and data.
"Rapid7 MDR services have been a game changer for our security"
The MDR service has been a game changer for our security posturing. We don't have a large team that can concentrate on security and chasing issues all day and the peace of mind is great. Deployment was simple and as long as you are willing to install Agents on computers it couldn't be easier to manage and tie into other offerings. Our Customer contacts have been a pleasure to work with and they take the time to communicate with us and answer questions and explain features.
"ReliaQuest: Making 24/7 Security Operations Center a Reality"
I began working with ReliaQuest (RQ) at my current job. I had never worked with an MSSP before and the company was still in the midst of truly onboarding them, the SIEM, and the detections available from RQ. I was pleasantly surprised at how easy RQ is to work with, from the CSMs to the account managers, to the detection teams. Each team is responsive to our needs and suggestions. We approve of our relationship with them so much we have onboarded two additional products offered by RQ: their Phishing Analyzer and Digital Risk Protection.
"A Happy Administrator of AlertLogic For The Past 2 Years."
My overall experience as an Administrator of this tool has been amazing. This tool is powerful, easy to use, and has a lot of MDR features with very few false positives.
"Secureworks Platform Delivers Excellent Detection and Usability"
Implementation was very simple and straightforward. Secureworks provided excellent tools and guidance to assist with onboarding. The day-to-day operation of the platform is excellent with strong detection, minimal false positives and an easy-to-use dashboard. Customer support has been excellent.
"Great partner to help cybercrime"
I was not involved in the purchase or initial setup but staff tell me that it was very easy.
"Cybereason Delivers Unparalleled Threat Detection and Response Capabilities"
Cybereason's UI is intuitive and offers a detailed visual representation of the attack chains, giving us a holistic view of our security posture. This makes it easier for our team to detect patterns, thus improving our response times. The system's active monitoring of user behavior and network traffic to identify anomalies has been very efficient and invaluable in enhancing our security framework.
"Expel's API Integrations Propel Fast Adoption"
Expel's API integrations lead to fast adoption and onboarding. Their approach eliminates the need for SIEM in many spaces. Expel's tools are the same as what the customer can access. Strong customer service and partnership to help us achieve our cybersecurity goals for this area of operations.
"Leading MDR Provider with Outstanding Customer Service"
eSentire provides leading MDR capabilities that cover our entire attack surface. Their services are extremely easy to deploy and integrate well with our other security tools. eSentire's team of experts are highly technical yet very skilled at communicating in non-technical language so time-sensitive decisions can be easily understood and made confidently. Their services and support take a huge burden off of any security leader and organization knowing that these critical capabilities are well-covered.
"WithSecure Countercept: The Security Solution Simplifying Protection"
WithSecure Countercept is a perfect detection and response service for organizations that can't implement a full Security Operations Center, but would still like to have a mature 24/7 security monitoring service.
"Fantastic Partner Exceeds Previous Service Provider Expectations"
They have been a fantastic partner and much better than previous MSP-type service offerings.
"Bitdefender MDR Foundations: An Eye on Your Network 24x7"
I am currently using Bitdefender Gravity Zone Enterprise so the "fit" for Bitdefender MDR Foundations is seamless. It has worked well since day one. The setup wasn't overly complicated. And other than some questions you have to answer - that's all there is to setup.
"Exceptional Support from Knowledgeable Team"
The support provided by the team has been exceptional. The team is knowledgeable and responsive in addressing any issues or concerns in a timely manner.
"Ensuring Data Confidentiality and Accessibility with ESET MDR"
For our small business, ESET MDR, protect, inspect & cloud protection are vital for our endpoints, network, email & servers; including vulnerability patching. This package of ESET products working seamlessly together literally allows us to sleep better at night knowing our data is confidential, yet highly available and accessible to authorized users; especially remote users in the field.
"DeepWatch, customizable, effective automation, comprehensive protection, expert guidance"
DeepWatch offers a wide range of security solutions that safeguard against various cyber threats. Their team of security experts provide valuable insights and quick responses to security incidents. The automated alert system is very precise and completely customizable, helping in a swift threat response and damage mitigation. Their services aim to minimize cybersecurity risks, saving costs and protecting reputation. Deepwatch also stays updated with evolving threats and best practices.
"Best MSSP / MDR for Microsoft E5 Security Stack with Sentinel"
There was no fuss during the negotiations, and it was simple to deal with in terms of contracts and licensing models. Delivered more than what was promised. With no upselling of various products, all services were offered in 3 buckets. Leverage every aspect of the MS E5 bundle and how to improve your security score. Alert rules and analytics in Sentinel are very good. Provide meaningful recommendations for Conditional Access to prevent / limit future attacks. Provide monthly metrics and scripts related to security hygiene. Only one vendor provided all the features and functionality that Ontinue provided but they were way more expensive and had a complicated licensing model.
"BDS is a product worth trusting"
BDS is a tool we use when we need an extra set of eyes on monitoring. We can always trust them to alert us in a timely manner. They are professional as always.