Managed Detection and Response (MDR+)
MDR+ (Managed Detection and Response) from BlueVoyant is remote endpoint monitoring, protection, and incident remediation. Utilizing Next Generation Antivirus (NGAV) and Endpoint Detection and Response (EDR) software, BlueVoyant scans for, investigates, and neutralizes threats on your behalf.
This service allows you to expand your cybersecurity capabilities to defend against the latest and most sophisticated threats.
|Services Activation||Advanced endpoint software will be deployed. Client applications will be whitelisted to reduce the likelihood of unintended business disruption. Preapproval guidelines for remote intrusion response activities will be established.|
|Investigation and Notification||When a suspicious event is detected or an automatic prevention activity occurs, an alert is generated and a security operations center analyst will investigate to determine whether it is a true positive, benign, or a false positive, and the client will be notified.|
|Indicator Enrichment||Indicators of compromise associated with detections within the monitored environment are automatically extracted, scored, and enriched leveraging open source and proprietary Threat Intelligence. Enriched indicators, assigned a reputation and classification, are visible within Wavelength™.|
|Endpoint Response||BlueVoyant will take a specific set of actions at the completion of an investigation: quarantine, delete, whitelist, monitor, or blacklist. Depending on your services, if an advanced investigation with live/real-time response is needed, BlueVoyant may perform remote intrusion response activities.|
|Threat Detection||Advanced endpoint software will be used to expand enrichment and enhanced behavioral correlations. Depending on your services, BlueVoyant will proactively and iteratively search through events to detect and isolate advanced threats that evade existing security solutions.|
|Malware Prevention||Deployed endpoint software will automatically prevent the execution of suspicious or known malicious software, often preventing the outbreak or spread of malware. Through blacklist policy management, delivery of unique signatures and threat intelligence indicator matching, BlueVoyant can deny, terminate and block operations remotely.|
|Health Monitoring||BlueVoyant will monitor installed endpoint agent communications using the technology platform. BlueVoyant will monitor log sources and will generate an alert when a log source’s output has not been received in a specified interval.|
|Outage Prevention||All third-party vendor patches and upgrades will be assessed for their security, stability, and functionality by BlueVoyant prior to client deployment to ensure they are supported and won’t cause outages.|
- 24/7 investigation from SOC experts
- Prevent malware and monitor network health
- Track and record relevant alerts
- Enrich indicator data by automated and manual classification
- Manage and prescreen software upgrades
- Advanced Threat Detection provides full telemetry to actively hunt for threats that are evading detection
Full Lifecycle Protection from Early Detection to Remediation
Combining automated processes and technologies with expert, field-seasoned cyber intelligence analysts, you’ll receive full-spectrum protection from initial alert to security event remediation.
Transparency and Reporting
BlueVoyant investigates, triages, and remediates security events for you and provides executive-level reporting. You can watch the Security Operations Centers operate live, responding to security events through Wavelength™.
Hunting Threats within Your Network
Proactive threat hunting activities reveal dormant or trojan threat actors that evade network and endpoint detection solutions. BlueVoyant's Advanced Threat Detection includes full telemetry leveraging the benefits of EDR with BlueVoyant's SOC experts.
Proprietary Threat Intelligence
BlueVoyant utilizes proprietary, open-source, and Dark Web intelligence to identify attacks, expedite triage, and enrich investigations conducted by the Security Operations Centers. BlueVoyant sees more, so it can respond faster and more accurately than its competitors.
Service Tier Comparison
|Managed Detection and Response||MDR+||MDR+ with Advanced Threat Hunting|
|MDR Service Activation|
|Investigation & Notification|
|Access to Wavelength™|
|Remote Intrusion Response|