Rapidly eliminate attacks and breaches with our award-winning ThreatDetect™ MDR
ThreatDetect™ from Redscan is an award-winning managed detection and response (MDR) service supplying the extensive capabilities your organisation needs to hunt for, identify, and eradicate the latest cyber threats.
Integrating leading security personnel, cutting-edge detection technology and the latest threat research, this 24/7 Security Operations Centre-as-a-service acts as a virtual extension of in-house resources to supply the expertise, tools and intelligence needed to achieve enterprise-grade, yet affordable, cyber security.
Gain visibility of, and clearly understand, the threats facing your business in order to improve threat detection, reduce cyber security risk and enhance boardroom and investor confidence.
Detect wide-ranging threats
Detect the latest sophisticated threat actors that preventative cyber security solutions such as firewalls and antivirus software can miss.
Reduce the dwell time of breaches
Significantly shorten the time it takes to detect cyber security breaches before they spread, from months to just minutes.
191 days. The average time it takes businesses to detect a breach
(Ponemon Institute, 2017 Cost of Data Breach Study)
Rapidly respond to attacks
Receive notification of genuine security incidents to enable in-house teams to focus on remediating threats, rather than the difficult and time-consuming task of discovering them.
By providing detailed incident information and remediation advice, Redscan’s CSOC experts provide the end-to-end support needed to remove advanced threats and address any identified vulnerabilities.
Avoid upfront security investment
Avoid having to employ hard-to-recruit security professionals and choose between expensive technologies by opting for an all-in-one managed service that offers complete threat detection and response capabilities for an affordable monthly subscription.
Comply with the GDPR and other standards
Put in place the proactive network and endpoint security monitoring needed to help achieve compliance with the Global Data Protection Regulation (GDPR) as well as other compliance standards including PCI DSS, ISO 27001/2 and GPG13.
Key service features
Proactive 24/7 cyber security monitoring
Stay protected around the clock by our team of dedicated cyber security operations centre analysts and engineers, who work tirelessly to hunt for, identify, investigate and escalate threats.
One complete detection platform
Benefit from one vendor agnostic, managed threat detection and response platform capable of leveraging existing security infrastructure, alongside the very latest threat detection technologies offered as part of ThreatDetect:
• Security Information and Event Management (SIEM)
• Log management and monitoring
• Intrusion detection (IDS)
Instant notification of threats
View an up-to-date picture of your organisation’s security posture and receive instant threat notification and remediation advice via CyberOps, the real-time threat intelligence and analytics platform included as part of our ThreatDetect MDR service.
Leading security professionals
Our team of CSOC security analysts, engineers and researchers are trained to the highest professional standards to ensure that we retain our excellence in defending against attacks.
Cyber security qualifications we hold include: CISSP, CISSP-ISSAP, CISA, CISM, CEH, OSCE, OSWP & CREST.
Integrated cyber threat intelligence
The aggregation of security research from Redscan Labs, our in-house research centre, with external threat intelligence from leading exchanges like CiSP, ensures your organisation benefits from the latest security information to help shape defensive actions and risk management policies.
By collecting, processing and correlating security data and event logs, ThreatDetect’s advanced threat analytics and detection systems use a combination of analytics, proprietary algorithms and rules to generate security alarms. These are subsequently analysed by our CSOC experts to save your in-house teams the time-consuming and complex task of separating genuine alerts from false positives.
Swift incident response
By offering full remediation guidance and optional virtual or on-site support, Redscan’s CSOC analysts and CREST accredited cyber incident responders enable your organisation to minimise the impact of attacks. Our cyber incident response team capabilities can help contain and eliminate threats, understand the root cause of attacks and assist with breach reporting.
Monthly and quarterly written reports offering thorough security insight and analysis enable key stakeholders, both technical and non-technical, to clearly understand cyber risks. Reports are supplemented by regular telephone and on-site service reviews.
Included as part of ThreatDetect
Full system deployment and management
Installation and optimisation of the latest threat detection technologies ensures organisations receive the best possible defence at all times.
• Security technology offered as part of ThreatDetect includes Security Information and Event Management (SIEM), intrusion detection (IDS) and endpoint protection
• Extensive health monitoring of all hardware and software components provides total system confidence
• Hassle-free updates, upgrades and backups alleviate business disruption
• Identifies vulnerabilities within systems, software, firewalls, wireless networks and more
• Clear remediation advice saves valuable time and helps prioritise risks to address
• On-request, unlimited scanning enables changes in security posture to be tracked
Event monitoring and investigation
Proactive network monitoring and investigation by Redscan's CSOC enables cyber threats to be rapidly hunted down and eliminated.
• Cuts through background noise and false positives to provide early notification of genuine threats
• Expert insight and analysis provides actionable intelligence and assists threat prioritisation
• Helpful remediation advice helps to address threats, understand root cause and gauge the impact of attacks
In-depth reporting and analysis
Regular hand-written security reports provide clear advice to help IT and executive teams enhance situational awareness, track performance and achieve compliance standards.
• Weekly, monthly and quarterly reports provide a clear picture of security posture
• Regular performance reviews help to identify service improvements
• Friendly CSOC experts contactable 24/7
Cyber incident investigation & response
Experienced security experts are on hand to remediate attacks by conducting detailed threat forensics, providing actionable remediation advice and assisting with breach reporting procedures.
• In-depth incident remediation guidance with optional virtual and on-premise support
• Detailed incident investigation to identify the root cause and breadth of attacks
• Clear advice about how to resolve immediate and long-term security concerns
The tools, tactics and procedures (TTPs) of cyber attackers are continually evolving, meaning traditional preventative security and machine intelligence cannot be relied upon to protect your organisation’s critical assets.
ThreatDetect’s skilled and certified security operations centre (CSOC) professionals function as a virtual extension of your in-house IT team to manage everything needed to power your threat detection and response service. We:
Our experts configure and constantly tune your chosen ThreatDetect technology to ensure it remains effective at meeting evolving security, business and technical needs.
Our experts detect, investigate and respond to anomalous and suspicious behaviour, while reducing high volumes of erroneous and inaccurate system alerts.
Our experts make clear and helpful recommendations to ensure security incidents are prioritised and resolved swiftly and effectively.
Our experts produce regular hand-written reports that enable IT and executive teams to clearly understand your organisation’s security posture.
Advanced threat notification, analytics and reporting
CyberOps, the intuitive online intelligence platform included as part of ThreatDetect, provides complete visibility of your organisation’s cyber security. It offers:
True incident reporting
Receive notification of genuine security threats that have been thoroughly analysed by our security operations centre experts to save you time investigating background alerts and false positives.
Real-time status monitoring
Monitor changes to your organisation’s security threat level to comply with risk management procedures and uncover patterns in attack behaviour.
A streamlined workflow
Manage security incidents from detection to remediation via one efficient, fully auditable workflow that offers complete visibility of users and teams.
View powerful data visualisations to see a live picture of your organisation’s security status and measure key response metrics to ensure that service levels are being achieved.
Full threat visibility across your network and endpoints
To meet wide-ranging threat detection and response needs, ThreatDetect is divided into two complementary service offerings:
Managed Network Detection and Response
ThreatDetect Network includes Managed SIEM, Managed Intrusion Detection and Managed Vulnerability Scanning to monitor for attacks across your network.
ThreatDetect EDR includes the powerful endpoint detection technology needed to monitor the security of your endpoints, hunt for hidden threats, minimise the dwell time of attacks and quickly isolate infected systems.
Regardless of where your organisation’s infrastructure is located, our flexible ThreatDetect MDR service can be customised to meet your precise security needs.
Highly scalable, ThreatDetect supports physical and virtual deployments and can be installed on-premise or accessed via Redscan’s fully resilient cloud service. Cyber security monitoring is offered for Amazon Web Services (AWS), Microsoft Azure, Hyper-V and VMware.
Concerned about potential targeted attacks, the global finance and investment company ICG subscribed to Redscan’s ThreatDetect™ service. The business now has far greater confidence in its information security and ability to respond if the worst should happen.