Managed Detection & Response (MDR)

Identify threats targeting your on-premise and cloud networks

Bashtell Managed Detection and Response (MDR) is an advanced managed security service that provides threat intelligence, threat hunting, security monitoring, incident analysis, and incident response. This is unlike traditional MSSPs, which only provide alerts from security monitoring. Using advanced security analytics on endpoints, user behavior, applications, and the network, MDR provides deeper detection than traditional MSSPs, which mostly rely on rules and signatures. For faster response, MDR also uses AI and machine learning to investigate, automatically contain threats, and orchestrate a response.

Bashtell’s Managed Detection and Response service provides the essential capabilities needed to eliminate threats from across your network. By providing complete visibility of assets and network events, and delivering the latest threat intelligence updates and detailed remediation guidance, ThreatDetect reduces the complexity of network security monitoring.

Threats identified

Threats and IOCs identified by our network security monitoring service:

Command & Control (C2) activity

Unauthorised authentication attempts

Network attacks

Policy violations

Web server attacks

Application-specific attacks

Malware infections (including botnets, Trojans, rootkits, and more)

Offered as part of our monthly network security solution

Asset Discovery & Inventory

Network scanning provides visibility of all IP-enabled assets across your physical, virtual and cloud environments in order to identify trusted and unauthorized devices. Information supplied about each asset includes what services are installed, how they’re configured and whether any active threats are being executed against them.

Intrusion Detection

The Network MDR includes cloud-based intrusion detection, network-based intrusion detection (NIDS), and host-based intrusion detection (HIDS) systems. These are installed and optimized by our qualified professionals to monitor your organization’s traffic and hosts to identify anomalous activity. IDS data is correlated with other sources of security information to provide increased threat visibility.

Vulnerability Assessment

Managed vulnerability scanning uses the latest signatures to provide visibility of network security risks, such as the use of weak credentials and unpatched or out-of-date operating systems and software. Scan results are carefully analyzed by our security analysts to provide actionable remediation advice.

Packet Capture Inspection

For deeper security analysis, our team conducts data packet capture and network flow analysis to identify threats and trends relating to protocols, hosts and bandwidth usage. Combining network flow data with asset inventory and event data enables us to facilitate swifter incident response.

Correlation of Network Events

Correlation directives are policy rules that link together events and raise an alert when specific threats or behaviours are identified. By including managed Security Information and Event Management (SIEM) as part of our network security monitoring solution, Bashtell’s SOC team ensure that systems are optimized with new correlation rules to detect the latest threats and minimize the volume of false positives.

Learn more about our EDR Service

For enhanced protection against cyber threats, add Endpoint Detection and Response (EDR) to your monthly service.

Endpoint EDR monitors your organization’s endpoints, including desktops, laptops and servers, in order to hunt for hidden threats, minimize the dwell time of attacks and quickly isolate infected systems.
