Endpoint Detection and Response (EDR)
as a service

Visibility across your business is key and the endpoint is the quickest way to get it.

There is no such thing as 100% protection. Once you have accepted this fact it is time to implement a strategy on how to detect the threats you couldn’t prevent. The challenge with detection is that today’s threats are not using old malware that is easy to detect and remediate. This behaviour needs to be analysed and correlated across other endpoints to be able to separate the false positives from the real incidents.

The Managed Threat Detection service is a managed detection and response service (MDR) based on endpoint detection and response technology (EDR).

By deploying low impact sensors on the endpoints, behaviour data is collected, enriched, and correlated across all endpoints with the help of an AI hunting engine and a massive in-memory graph database.

By doing up to 8 million correlations per second, the performance against other detection toolsets is unparalleled.

This provides detection abilities far beyond that which traditional signature or rule-based endpoint platforms can demonstrate.

Low impact sensors

By deploying low impact sensors on the endpoints, behaviour data is collected.

AI hunting engine

Data is enriched, and correlated across all endpoints with the help of an AI hunting engine.

in-memory graph database

Integrate multiple data sources and volumes helping reveal dependencies across your IT.

8 Million correlations per second

Up to 8 million correlations per second, the performance against other detection toolsets is unparalleled.

Need to discuss your business cyber security further?

Chat with us online now! We can answer your IT support questions quickly, so you get the information you need.

Chat Now

How the EDR service works
and how we help protect your business

What you want from Endpoint Detection and Response, is a solution that helps you correlate events across machines as well as on machines themselves, to push alerting speed and precision to a new level and at the same time an enterprise-wide view.

EDR

Endpoint Detection and Response

Hardware-based isolation
Application control
Controlled folder access
Network Protection
Exploit Protection
Attack surface reduction rules
Device control

Discover vulnerabilities and misconfigurations in real time
Get expert-level threat monitoring and analysis
Quickly go from alert to remediation at scale with automation
Block sophisticated threats and malware
Detect and respond to advanced attacks with behavioral monitoring
Eliminate risk and reduce your attack surface

Very fast query results
Shorter time to understand
Reduction of alert fatigue
Full scope of incidents
Automated response
Ensure security across all platforms
IOS, Windows, Linux, Android

Comprehensive endpoint visibility

Endpoint detection based on crossmachine correlation provides a strong foundation for continuous security analysis and enterprise-wide coverage.

Advanced analysis and hunting

Detection context providing fast and effecting analysis, continuously tuned. Highly skilled
Security Analysts with the ability to query a huge set of endpoint telemetry.

Quick time to value

Cyber SOC provides security analysts and platform expertise as a service, giving you rapid deployment and strong proven processes.

Rapid Response

Security analysts on hand to isolate threats and limit the impact of breaches. Recovery will be provided to minimise risk to the business.

Is it for my business?

Challenges

Lack of resources to staff your Security Operations Centre 24×7.
Continuous management of EDR configuration to ensure enough context for analysts without producing “alert fatigue”.
Applying global intelligence to cyber security threats.
Lack of visibility and control of endpoints.

When should you consider it?

If you require experts to help deploy and run an outcome-based managed detection and response service based on EDR.
If you require 24×7 or 8×5 managed threat detection.
If you require a provider that not only provides Endpoint Detection and Response but also Log and Network based detection as well as comprehensive Cyber Threat Intelligence.
If you require integration of cyber security tools.
If you require additional Managed Threat Response capabilities.

What do we do?

Deployment of Microsoft Defender for Endpoint platform.
Platform management of Microsoft Defender for Endpoint EDR.
Continuous incident triage, analysis, and prioritisation by security analysts.
Managed Threat Response such as isolation of infected endpoints.
Integration of Cyberdefense unique Threat Intelligence custom EDR rules (Premium/scoped)

What will you get?

Fully managed EDR platform operations.
Monthly reporting to gage effectiveness of the solution.
Real-time incident analysis and endpoint active response.
Optional cyber threat hunting (Premium/Scoped)