Managed detection and response services provide customers with remotely delivered modern security operations center (MSOC) functions. These functions allow organizations to rapidly detect, analyze, investigate and actively respond through threat mitigation and containment. MDR service providers offer a turnkey experience, using a predefined technology stack (covering areas such as endpoint, network and cloud services) to collect relevant logs, data and contextual information. This telemetry is analyzed within the provider’s platform using a range of techniques. This process allows for investigation by experts skilled in threat hunting and incident management, who deliver actionable outcomes.
"MTR; Give your ICT team a helping hand!"
Sophos MTR is a no-brainer when it comes to SMB or large enterprise to help manage the burden of 24/7 operations and provide support for IT services and departments trying their best to manage and adapt to an ever-changing threat landscape. The ease with which I was able to log in, set up and protect our infrastructure fleet was amazingly quick. No downtime, no interruptions. Just protected. The onboarding process and proactive engagement for new customers is a very nice touch - just a reach out and touch base with end users to discuss the options, settings and requirements.
"Arctic Wolf Network: Extreme Value and Exceptional Service"
AWN was professional and helpful throughout our entire experience. Beginning with feature selection, the team was patient and helpful. Especially with a client who was just starting with information security and minimal staff. The team guided us with onboarding and was always available to answer questions throughout the entire process. Once the service was deployed, they have been attentive and responsive to our requests or automated tickets.
"Exceptional SaaS Partner"
We use Red Canary Managed EDR for Carbon Black. We initially deployed Carbon Black on our network and we were chasing one false positive alert after another. A year later, we partnered with Red Canary to manage our Carbon Black instance. They were great to work with and extremely responsive. They took over management of Carbon Black and immediately noticed a reduction of alerts. So much so that I was wondering if detection was working at all. We conducted some tests by deploying threat behaving software and it immediately detected the threat, placed the endpoint in quarantine, and notified us of the incident. On one occasion, we had a security company conducting our annual security audit and we placed a USB rubber ducky into a USB port and within less than one minute, we received notification. The auditor was impressed, to say the least.
"Falcon Complete is the Most Comprehensive MDR Out there"
The decision to try and implement Falcon Complete MDR service came after trying a couple of other EDR solutions. The EDR agent is a lightweight, non-intrusive agent, hence it didn't impact service operation on the Windows/Linux servers. The path and file exclusion features work seamlessly, thus reducing the false positive rate and operation hassle. The MDR service is backed by a threat intel service which is valuable in giving context for the detected incidents and prioritizing the efforts of the on-site analyst. Being a replacement of the conventional AV was spot-on, however you still need to configure proper allow-listing and device control. The
"SentinelOne Vigilance deployment review"
So far the team that organized the introductory meeting had great customer service and good technical knowledge about the product. The presentation was detailed and they answered all questions pertaining to our deployment. One main concern was to avoid a period of no protection when we cut over from our current system, for which they provided a solution. I liked the fact that they have a trial period which is over twenty days in which we can go over the deployment procedure with a test device. The first presentation was over an hour and it was easy to schedule a second follow up during which a test machine can be deployed and monitored by SentinelOne.
"Great product especially for those starting with a new solution"
The experience from the very beginning was great. We started by purchasing the InsightVM product which allowed us to see where our organization was at. It transitioned from there to also purchasing their InsightIDR and MDR services. They have been great to work with for the most part and provide some great insight from their MDR portion as well. The initial process when purchasing the IDR and MDR services was a little convoluted due to a lack of effective communication.
"Alert Logic - Alerts that make Sense"
The Alert Logic agent was easy to deploy and gave our IT Team visibility to all of our endpoints. We got alerted when there was a high or critical event and we were able to isolate and quickly remedy problems as they were occurring in real time no matter where the endpoint was located.
"With MDR we feel we have added an extension of our team!"
We feel the MDR is a tremendous value add, allows our team to sleep well at night and not have to worry about maintaining an on-call schedule. The items the team has identified and the level of detail provided in both the analysis and response recommendations are greatly appreciated. The offering does need to mature a bit more when it comes to enterprise reporting, would like to see more fusion with the Nocturnus TI team.
"Binary Defense MDR and SOC will help you sleep better at night."
As a longtime customer of Binary Defense, I've been pleased with the analysts, alerts and detection. Beyond that, the dev team is available and open to suggestions and feature requests.
"Critical Start is critical to our operations"
The service Critical Start provides is an integral part of my organization's security. I could not even imagine trying to self-manage a tool like Cylance Optics, Carbon Black Defense or Palo Alto Cortex XDR without their assistance. Their team is professional, quick to respond and has been able to tune our system to act exactly how I explain, time and time again.
"Excellent technology partner"
Technology integration options include many of the popular platforms and are growing. The integrations are easy to manage and onboard. Great customer service and communication (very real time communication direct to the SOC and timely follow up on questions and issues). Quality of work output is high. We benchmarked Expel against our internal team in the PoC phase and were quite satisfied with accuracy and detection. Set pricing structure saves everybody time and effort.
"eSentire - The best MDR out there!!"
On-boarding experience was excellent. The eSentire staff were extremely knowledgeable and were able to resolve all issues quickly. Alerts come in a timely way (we have actually timed some alerts and they come in as quickly as 12 seconds). Customer service is excellent. Requests are acknowledged within minutes and resolution comes a few minutes after that. This is the best MDR service, hands down!
"Reliaquest engages as part of our team to drive visibility into our environment"
I've been a CISO for 12+ years, in two different $xx+ organizations. In that time I have worked with three different MSSPs. The Reliaquest experience is so far removed from other MSSPs I have dealt with that I wouldn't hazard to call them that. They act as an extension of our team, not just monitoring and reporting, but driving continual improvement in content, and challenging our process with improvement based on what they are seeing across their customer base.
"Amazing forensic analysis and threat intelligence feeds"
We already had an MSSP solution from a different vendor. But one of the best transformations we’ve made in our security posture is to replace that service with SISA’s MDR solutions. In a matter of 1 year, it has allowed us to save more than 30% on resources and costs. Our leadership team has appreciated the continuous support provided by the team that has helped us in reporting success rates.
"All my SOC services available in one place."
We issued an RFP 3 years ago to several vendors looking for an MSSP. We quickly changed our tune specifically to Managed Detect and Response, it fit our goals better. There were a handful of vendors we researched and even fewer that we sent an RFP to. Mandiant partnered with a reseller to provide a proposal which we ultimately chose over the others. We've continued to renew our relationship with Mandiant year in and year out for the Managed Service offering. We found the tools simple to install and manage within our environment. We also appreciate the detection capabilities, the scheduled hunts, and the regular threat briefs that target our industry. It's become our SOC as a service.
"Managed Security Services Partner with Highly Skilled and Passionate Team!"
The team is highly skilled and technically competent. They understand the Business impact with a direct correlation with the underlying security issues. The team's understanding of Business language helps address the InfoSec issues and incidents with right thinking. The team strives for creating innovative ideas in improving the SOC services. This is achieved by creating new Use Cases that are relevant in today's context. This is further complemented with the new playbooks to ensure proactive preparedness for any contingency in case of any Security incident. On numerous occasions they have exceeded the bar of providing services beyond the contractual obligation. Overall they are truly a managed services player and a delight to customer.
"Open Systems is a key partner on our worldwide MDR services for the Organization."
With an Open Systems-based FW/Proxy/NDS (NDR) solution complemented with a Microsoft-based host security stack (EDR), we achieved significant maturity on security events visibility in 54 offices of our Organization worldwide. That also includes mobile workers accessing enterprise networks and Internet resources via VPN. Reliable 24/7 monitoring, quality of services, and competent analysis of security events flow have proven to produce a low rate of false-positive alerts. Working issues during the transition/fine-tuning/learning phases were seriously taken and quickly resolved, including the design of custom requests for new use cases.