
Managed Detection and Response

Skilled Security Teams and Advanced Threat Technology that Stop Attackers in Their Tracks

In just minutes, a breach can damage customer trust for a lifetime. Between tight budgets, the talent shortage, and the time-consuming nature of monitoring alerts, organizations are struggling to stay on top of cyber threats.

ProArch's Managed Detection and Response (MDR) Services are a true extension of your team. We reduce risk organization-wide by responding to malicious activity before damage occurs. Our rapid deployment process takes hours, not weeks, so you don’t have to go another day unprotected from attacks.

Have a team of experienced threat hunters and security analysts on your side that protect your corporate infrastructure, reputation, and bottom line.

On average, it takes 280 days to identify and contain a breach. - IBM 2020 Cost of a Data Breach Report

The longer a breach goes undetected, the further the attacker spreads, compromising data, systems, and accounts along the way.

76% of ransomware events occur outside of work hours. - FireEye 2020 Ransomware Deployment Trends

Cybercriminals intentionally deploy ransomware after hours for maximum effectiveness. Without 24x7 surveillance, attackers have the advantage.

Where 24x7 Security and Threat Intelligence Meet for Stronger Security Posture

  • Know that you are secure with Security Analysts monitoring for and responding to threats 24x7
  • Get protected fast with a cloud-native security toolset that enables deployment in 1 day
  • Have a predictable security spend and a plan backed by experts for reducing risk
  • Pinpoint attackers across multi-cloud, on-premises, operational technology (OT), IT, and IoT
  • Save on hiring and extend your teams’ skills with ProArch’s security capabilities
  • Report risk posture to leadership and reduce time to detect and time to respond metrics

Managed Detection and Response

Alerting you of malicious activity on your network is no help unless you have the bandwidth and skills to respond. Focus on reducing your risk long-term and let ProArch take on the responsibility of investigating and responding to security threats before additional accounts or systems are compromised.


Endpoint Detection and Response (EDR)

Keep threats off devices that are a clear path to corporate resources.

  • 24x7 response to endpoint threat activity
  • Endpoint monitoring and detection
  • Coverage for workstations, servers, mobile devices (Windows, Linux, macOS, iOS, Android)
  • Seamless escalation to Incident Response

Identity Detection and Response (IDR)

Prevent corporate account compromises that lead to data breaches.

  • 24x7 response to suspicious account activities
  • Identity monitoring and detection
  • Coverage for on-premises and cloud-native corporate accounts (Active Directory)
  • Seamless escalation to Incident Response

Extended Detection and Response (XDR)

End-to-end attack prevention across networks, endpoints, and identities.

  • 24x7 response to threat activity across on-premises and cloud networks, endpoints, and identities
  • Endpoint, identity, and network monitoring and detection
  • Coverage for Azure, Google, AWS
  • Seamless escalation to Incident Response

*Extended Detection and Response (XDR) must include Endpoint Detection and Response (EDR).


All MDR Services include:

  • 24x7x365 Security Operations Center (SOC) performing threat hunting, investigation, containment, and eradication
  • Seamless escalation to ProArch Incident Response Team in the event a compromise occurs
  • 100% cloud deployment process that takes hours, not weeks
  • Quarterly reporting with trending data and recommendations prioritized by risk
  • Access to Security Consulting Team for ongoing guidance and questions

Managed Detection and Response Services Comparison Guide

See what's included and protected in EDR, IDR, and XDR.

How MDR Works

  1. Data Collection: Threat detection sources and sensors are deployed across networks, cloud services, endpoints, and identities, collecting and analyzing telemetry and making it possible to track down root cause quickly.
  2. Enrichment: Threat intelligence backed by deep context, customer information, and the MITRE ATT&CK framework enhances alerts, so they are categorized and prioritized for analysis.
  3. Investigate Cases: The ProArch SOC Team analyzes cases and performs a thorough threat investigation to confirm an indicator of compromise or a false positive, 24 hours a day.
  4. Respond to Threats: In the event a successful compromise does occur, our Incident Response Team steps in to recover and rebuild systems.

MDR Features


24x7x365 SOC Monitoring

The ProArch SOC operates around the clock, stopping threats by performing threat hunting, investigation, containment, eradication, and escalation to full Incident Response.


Advanced Threat Detection

Threats are analyzed and prioritized using SIEM and SOAR tools that deliver insight and automation to contain malicious activity that traditional security tools can't.


Extensive Threat Analysis

Security Analysts perform a thorough threat evaluation using the MITRE ATT&CK framework to gain a deeper understanding of attackers' behaviors and techniques and get to the root cause of compromise.


Security Incident Response

In the event of compromise, seamlessly transition to ProArch's Incident Response Team that includes architecture experts, senior engineers, and project management who:

  • Rebuild compromised systems and data
  • Collaborate with legal and government agencies
  • Implement additional security hardening measures

Proactive Risk Management

ProArch's SOC acts as an extension of your team, working alongside you to reduce risk. Security Analysts provide actionable data, recommendations, and quarterly reporting that improve security posture long-term.

  • Coordinate with client IT teams to contain an attack
  • Provide evidence for legal and regulatory purposes
  • Communicate vulnerabilities that require action (e.g., patches)
  • Root cause analysis and control recommendations
  • Security incident log data and reporting

FAQ

What remediation actions will the SOC take on behalf of the client?

The SOC remediates and responds to threat activity within its capabilities and integrated systems. Quarantining a system, restricting application execution, creating an investigation package, and performing advanced threat hunting to determine root cause are all handled by the SOC. If a patch or other engineering function is required, the SOC communicates that responsibility to the client. If a successful compromise does occur, a transition to ProArch's Incident Response Team takes place.

Do I still need an incident response plan if I have MDR?

MDR is not a replacement for an incident response plan. Although ProArch can perform incident response, those recovery and rebuild services are not included in the cost of MDR. It is important to have documented recovery playbooks that outline actions to be taken by members of your team, like contacting legal representation and restoring backups.

Does MDR replace the need for other security services?

With security, there is never a 100% guarantee. MDR is not ‘all-encompassing’ when it comes to the elements of a mature security program. Security leaders must account for activities like vulnerability management, awareness training, pen testing, incident response planning, compliance, and security of specialized environments. ProArch's Security Team can assist with all of these components.

“For us, it came down to, ‘Who do we think the best long-term partner is going to be?’ The answer to that question is ProArch.”

Kevin Wiese
CIO at BestSelf Behavioral Health

Stay One Step Ahead of Cyber Threats