Rapid Detection and Response

Managed Threat Detection & Response (MDR)

We ease the burden on your in-house team with our MDR solutions. Get extensive threat visibility across cloud, on-premises, and hybrid environments. Learn more about how you can reduce false positives and optimize your security spend. With our help, you’ll be prepared to respond to threats effectively and take action.

What are the benefits?

Improve Productivity

Cloud-based or on-premise, proactively managed SIEM platform, complemented with proprietary GCI technology.

Reduce Risk

24/7 intelligent automated analysis of events with risk-based scoring using over 700 identifiers.

Spend Less, Secure More

Fully-fledged SIEM functionality without the costs of purchasing and maintaining self-managed on-site or cloud devices.

Key Technical Components

Analytics

  • Threat Advisory Services and full vulnerability database
  • Proprietary and commercial reputation lists to track communication with potentially malicious IP addresses
  • Proprietary and commercial malware analysis databases to identify malware
  • Proprietary and commercial compromise databases to identify compromised passwords, sites and devices
  • Alarm triage by skilled SOC Security Analysts
  • Investigating alarms in context for potential attacks or compromises on an ongoing basis
  • Retrieval and interpretation of historical log data as required
  • Monthly review meeting with your designated Security Consultant to examine and interpret alerts, attacks and compromises, highlighting noteworthy trends
  • Support in interaction with ICO
  • Access to web-based console and to pre-defined SIEM reports
  • Compliance reporting against supported compliance frameworks
  • Communication of details of compliance violations
  • Communication of triaged alert details
  • Alert classification by skilled SOC Security Analyst
  • Communication of full details of potential attacks or compromises
  • Monthly annotated management reporting with information on alerts and incidents with commentary and trend information
  • Access to the GCI portal with views of current alerts, alert/incident trends and service performance

Investigation, Triage and Response

  • Threat Advisory Services and full vulnerability database
  • Proprietary and commercial reputation lists to track communication with potentially malicious IP addresses
  • Proprietary and commercial malware analysis databases to identify malware
  • Proprietary and commercial compromise databases to identify compromised passwords, sites and devices
  • Alarm triage by skilled SOC Security Analysts
  • Investigating alarms in context for potential attacks or compromises on an ongoing basis
  • Retrieval and interpretation of historical log data as required
  • Monthly review meeting with your designated Security Consultant to examine and interpret alerts, attacks and compromises, highlighting noteworthy trends
  • Support in interaction with ICO
  • Access to web-based console and to pre-defined SIEM reports
  • Compliance reporting against supported compliance frameworks
  • Communication of details of compliance violations
  • Communication of triaged alert details
  • Alert classification by skilled SOC Security Analyst
  • Communication of full details of potential attacks or compromises
  • Monthly annotated management reporting with information on alerts and incidents with commentary and trend information
  • Access to the GCI portal with views of current alerts, alert/incident trends and service performance

Alerting & Reporting

  • Threat Advisory Services and full vulnerability database
  • Proprietary and commercial reputation lists to track communication with potentially malicious IP addresses
  • Proprietary and commercial malware analysis databases to identify malware
  • Proprietary and commercial compromise databases to identify compromised passwords, sites and devices
  • Alarm triage by skilled SOC Security Analysts
  • Investigating alarms in context for potential attacks or compromises on an ongoing basis
  • Retrieval and interpretation of historical log data as required
  • Monthly review meeting with your designated Security Consultant to examine and interpret alerts, attacks and compromises, highlighting noteworthy trends
  • Support in interaction with ICO
  • Access to web-based console and to pre-defined SIEM reports
  • Compliance reporting against supported compliance frameworks
  • Communication of details of compliance violations
  • Communication of triaged alert details
  • Alert classification by skilled SOC Security Analyst
  • Communication of full details of potential attacks or compromises
  • Monthly annotated management reporting with information on alerts and incidents with commentary and trend information
  • Access to the GCI portal with views of current alerts, alert/incident trends and service performance

Features

Dedicated Security Expert

A designated security expert serves as a single point of contact without the additional cost of an in-house team of cybersecurity practitioners and analysts.

Increase Visibility

SLA-based alerting highlights potential abnormalities or indicators of attack.

Improve Compliance

Internal or regulatory auditing requirements are fulfilled through 365-day storage of logs.

Holistic Security Approach

Event collection across the estate’s devices ensures improved threat detection.

Ongoing Detection Improvement

Tuning and retuning log collectors reduces false positives over time, increasing the ability to accurately detect anomalous events.

Enhanced Detection

Experienced, skilled human analysis reduces false positives.

Incident Response

When confirmed security events are declared, a team of advanced incident responders mitigates the attack and investigates the root cause.

Experience end-to-end threat management, security analytics, and reporting with GCI.