Rapidly eliminate breaches with our award-winning ThreatDetect™ MDR service
The advanced and evolving nature of cyber threats means that even with strict security controls in place, your business is still not immune to being compromised. To minimise cyber security risk, having the capability to identify and eliminate attacks that evade your perimeter defences is now essential.
Introducing Managed Detection and Response.
ThreatDetect™ from Redscan provides the 24/7 protection needed to safeguard against the latest sophisticated threat actors. Integrating leading security professionals, advanced detection and deception technologies, and industry intelligence, this award-winning MDR service monitors network infrastructure and endpoints for threats and provides the early notification and remediation advice necessary to respond swiftly and effectively.
Gain visibility of, and clearly understand, the threats facing your business in order to improve threat detection, reduce cyber security risk and enhance boardroom and investor confidence.
Detect wide-ranging threats
Detect the latest sophisticated threat actors that preventative cyber security solutions such as firewalls and antivirus software can miss.
Reduce the dwell time of breaches
Significantly shorten the time it takes to detect cyber security breaches before they spread, from months to just minutes.
191 days. The average time it takes businesses to detect a breach
(Ponemon Institute, 2017 Cost of Data Breach Study)
Rapidly respond to attacks
Receive notification of genuine security incidents to enable in-house teams to focus on remediating threats, rather than the difficult and time-consuming task of discovering them.
By providing detailed incident information and remediation advice, Redscan’s CSOC experts provide the end-to-end support needed to remove advanced threats and address any identified vulnerabilities.
Avoid upfront security investment
Avoid having to employ hard-to-recruit security professionals and choose between expensive technologies by opting for an all-in-one managed service that offers complete threat detection and response capabilities for an affordable monthly subscription.
Comply with the GDPR and other standards
Put in place the proactive network and endpoint security monitoring needed to help achieve compliance with the Global Data Protection Regulation (GDPR) as well as other compliance standards including PCI DSS, ISO 27001/2 and GPG13.
“Providing the security expertise, tools and intelligence needed to respond to threats and breaches. With MDR, reduce the time it takes to detect attacks from months to minutes.”
Key service features
Proactive 24/7 cyber security monitoring
Stay protected around the clock by our team of dedicated cyber security operations centre analysts and engineers, who work tirelessly to hunt for, identify, investigate and escalate threats.
Benefit from one flexible managed threat detection and response platform capable of leveraging your existing security infrastructure, alongside the very latest threat detection technologies offered as part of ThreatDetect:
• Security Information and Event Management (SIEM)
• Log Management and Monitoring
• Intrusion Detection (IDS)
• Managed vulnerability scanning (MVS)
• Asset Management
• Behavioural Analytics
• Honeypot Sensors
• Endpoint Analytics
• And more
True threat visibility
View an up-to-date picture of your organisation’s security posture and receive instant threat notification and remediation advice via CyberOps, the real-time threat intelligence and analytics platform included as part of our ThreatDetect MDR service.
The aggregation of security research from Redscan Labs, our in-house research centre, with external threat intelligence from leading exchanges such as CiSP, ensures your organisation benefits from up-to-the-minute security information to help shape defensive actions and risk management policies.
By collecting, processing and correlating security data and event logs, ThreatDetect’s advanced threat analytics and detection systems use a combination of analytics, proprietary algorithms and rules to generate security alarms. These are subsequently analysed by our CSOC experts to save your in-house teams the time-consuming and complex task of separating genuine alerts from large volumes of false positives.
Cyber incident response
By offering full remediation guidance and optional virtual or on-site support, Redscan’s CSOC analysts and CREST accredited cyber incident responders enable your organisation to minimise the impact of attacks. Our cyber security incident response (CSIRT) team can help contain and eliminate threats, understand the root cause of attacks and assist with breach reporting.
Monthly and quarterly written reports offering thorough security insight and analysis enable key stakeholders, both technical and non-technical, to clearly understand the latest cyber risks facing your organisation. Reports are supplemented by regular telephone and on-site service reviews.
Installation and optimisation of the latest threat detection technologies ensures organisations receive the best possible defence at all times.
• Security technology offered as part of ThreatDetect includes Security Information and Event Management (SIEM), intrusion detection (IDS) and endpoint protection
• Extensive health monitoring of all hardware and software components provides total system confidence
• Hassle-free updates, upgrades and backups alleviate business disruption
• Identifies vulnerabilities within systems, software, firewalls, wireless networks and more
• Clear remediation advice saves valuable time and helps prioritise risks to address
• On-request, unlimited scanning enables changes in security posture to be tracked
Event monitoring and investigation
Proactive network monitoring and investigation by Redscan's CSOC enables cyber threats to be rapidly hunted down and eliminated.
• Cuts through background noise and false positives to provide early notification of genuine threats
• Expert insight and analysis provides actionable intelligence and assists threat prioritisation
• Helpful remediation advice helps to address threats, understand root cause and gauge the impact of attacks
In-depth reporting and analysis
Regular hand-written security reports provide clear advice to help IT and executive teams enhance situational awareness, track performance and achieve compliance standards.
• Weekly, monthly and quarterly reports provide a clear picture of security posture
• Regular performance reviews help to identify service improvements
• Friendly CSOC experts contactable 24/7
Cyber incident investigation & response
Experienced security experts are on hand to remediate attacks by conducting detailed threat forensics, providing actionable remediation advice and assisting with breach reporting procedures.
• In-depth incident remediation guidance with optional virtual and on-premise support
• Detailed incident investigation to identify the root cause and breadth of attacks
• Clear advice about how to resolve immediate and long-term security concerns
The tools, tactics and procedures (TTPs) of cyber attackers are continually evolving, meaning traditional preventative security and machine intelligence cannot be relied upon to protect your organisation’s critical assets.
ThreatDetect’s skilled and certified security operations centre (CSOC) professionals function as a virtual extension of your in-house IT team to manage everything needed to power your threat detection and response service. We:
Our experts configure and constantly tune your chosen ThreatDetect technology to ensure it remains effective at meeting evolving security, business and technical needs.
Our experts detect, investigate and respond to anomalous and suspicious behaviour, while reducing high volumes of erroneous and inaccurate system alerts.
Analysis conducted by our CSOC experts includes:
• Researching new vulnerabilities
• Reviewing packet data and logs
• Forensic analysis
• Creating new correlation rules and watchlists
• Isolating genuine alerts from false positives
• Identifying suspect IPs and URLs
Our experts make clear and helpful recommendations to ensure security incidents are prioritised and resolved swiftly and effectively.
Our experts produce weekly and monthly reports to help all your key personnel widely understand the latest security risks.
Advanced threat notification, analytics and reporting
Included as part of ThreatDetect, the CyberOps platform combines the extensive insight of Redscan’s CSOC experts and threat information from the latest security technologies and intelligence feeds to provide:
Receive genuine incident notifications, thoroughly triaged by our security operations centre experts to save your in-house team the time and effort of investigating scores of false alarms.
Obtain the detailed incident information and remediation guidance needed to respond swiftly to threats before they spread.
Advanced security analytics
Stay abreast of changes to your organisation’s cyber security with powerful data visualisations that help measure key performance metrics.
View powerful data visualisations to see a live picture of your organisation’s security status and measure key response metrics to ensure that service levels are being achieved.
Full threat visibility across your network and endpoints
To meet wide-ranging threat detection and response needs, ThreatDetect is divided into two complementary service offerings:
Managed Network Detection and Response
ThreatDetect Network includes Managed SIEM, Managed Intrusion Detection and Managed Vulnerability Scanning to monitor for attacks across your network.
ThreatDetect EDR includes the powerful endpoint detection technology needed to monitor the security of your endpoints, hunt for hidden threats, minimise the dwell time of attacks and quickly isolate infected systems.