What is Managed EDR?

Our Managed Detection and Response (MDR) service is powered by our business-grade Endpoint Detection & Response (EDR) platform. Our managed EDR service provides full visibility of all server and workstation activity, which is actively monitored 24/7/365 by the ConnectDS Security Operations Centre (SOC).

The ConnectDS managed EDR platform provides continuous monitoring of your business devices, coupled with the expertise of the ConnectDS Security Analysts, who process and validate advanced alerts mapped to the MITRE ATT&CK framework and carry out advanced threat hunting.

What are the Benefits of a Managed EDR Solution?

With the increase of the remote workforce and cloud-based solutions, the network perimeter is dissolving, resulting in a decrease in the protection and visibility provided by traditional network security controls such as a network firewall. This creates a requirement for more focused endpoint security protection and visibility of the host as a vital part of any modern security strategy.

Traditional anti-virus is only able to stop malware that it has seen before (signature based). This is vastly different from EDR, which uses behavioural analytics to determine what software should and should not be doing, thus detecting more unique and targeted attacks. As well as detecting new threats, EDR may also expose threats that have been active on your systems for some time, completely unnoticed.

This allows us to autonomously detect attacks in real-time by providing our SOC team with immediate alerting and attack technique context.

What does Managed EDR Include?

This service provides continuous monitoring from our Security Operations Centre (SOC) to protect your organisation from both known and unknown threats: pre-execution, on-execution and post-execution.

Device Control (Optional)

Ability to control endpoint activity such as enforcing host firewall rules, mitigating data exfiltration by enabling custom rules to prevent or control the usage of USB storage media, and preventing the transfer of malicious code.

NGAV

Overcomes the limitations of traditional anti-virus and provides pre-execution protection to detect and prevent advanced threats.

EDR

Deep endpoint visibility with the detection of malicious indicators allows our security teams to quickly detect and investigate suspicious activity and identify the root cause behind internal and external threats, misconfiguration and policy violations within the environment.

Containment and Response

Upon the detection of malicious code execution, our SOC can initiate containment of the compromise by remotely preventing any network activity through host isolation. In the event of a crypto attack, the rollback system detects and mitigates mass encryption and performs a rollback of the system to the pre-crypto state.

What Devices Will Managed EDR Work On?

The EDR agent is lightweight and compatible with all supported Windows, Mac and Linux operating systems as well as the following server endpoints:

  • Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, 2016
  • CentOS 6.5, 7.0, 7.2
  • Red Hat Enterprise Linux 6.5, 7.0, 7.2
  • Ubuntu 12.04, 14.04, 16.04, 16.10
  • SUSE Linux Enterprise Server 12SP1
  • Oracle Linux 6.5 – 6.9, 7.0+
  • Amazon Linux (AMI) 2016.09+, 2017.03+
