Rates of cybercrime and nation-state espionage are increasing while the cybersecurity skills gap continues to grow. To better support security teams and operations in this environment, Fidelis Cybersecurity announced the release of a new managed detection and response (MDR) service.
The 24×7 Fidelis MDR service provides a team of security experts who leverage patented Fidelis technology to analyze rich network and endpoint metadata, content, behavioral and asset characteristics, as well as enterprise IoT devices to aid in hunting and investigations.
Earlier this year, Fidelis commissioned The State of the SOC study that affirmed just how overwhelmed security teams are today. Over 60% of respondents said they were unable to triage even a quarter of the alerts they receive daily.
Even with security technology in place, Security Operations Centers (SOCs) often don’t have the staff or skills in-house to monitor and respond to threats, execute threat hunting to better understand and protect against future attacks. These needs were found to be acute at smaller enterprises that did not have a Security Operations Center.
“With the risk enterprises face each day, organizations need more than just an MSSP partner,” said Nick Lantuh, President and CEO at Fidelis Cybersecurity.
“Our team of experts are true threat hunters, not just alert watchers. Most come from US Government Department of Defense Cyber Security Units and Intelligence Community backgrounds with deep hunting and incident response experience. They are empowered by our advanced analysis engine which provides rich metadata and content to expose and understand the context behind an alert, to gain full life-cycle visibility during an attack and to rapidly and accurately find, contain and eradicate threats.”
The Fidelis Cyber Threat Analysis Center is staffed 24×7 with security operations professionals, forensic analysts, incident responders and threat hunters, who have a pedigree of identifying, triaging and responding to threats targeting enterprises of all sizes.
The MDR team uses the Fidelis Elevate platform, which provides Endpoint Detection and Response, Network Traffic Analysis, Enterprise IoT visibility, Asset Discovery and Deception, to identify, classify and protect an organization’s digital assets.
By going beyond NetFlow data and instead analyzing the metadata and content derived from Fidelis’ patented Deep Session Inspection of network traffic, the MDR team can understand whether a document or executable has been seen before, what the file type is, who authored it, who received a copy and who logged into the machine that sent the document.
These data-driven insights, combined with Machine Learning and automation, aid the Fidelis MDR team with an incident response workflow, ensuring detection and response that removes false positives and produces only actionable intelligence.
“Our MDR team is equally versed in supporting large enterprises with fully developed SOC and Incident Response teams, as it is supporting organizations with less developed cyber-security capabilities”, says Lantuh.
“For large enterprises with built out SOCs, Fidelis’ MDR can provide a SOC Augmentation Service delivering only actionable intelligence based on findings within the Fidelis Infrastructure.”
The Fidelis MDR service is one of the offerings in the market to incorporate deception technology which enables the classification of assets and the deployments of breadcrumbs as lures to decoys, fake file systems, enterprise IoT support, plus Man-in-the-Middle detection and Active Directory fake accounts with activity on decoys.
Fidelis MDR is part of a wider portfolio of service offerings including Incident Response and Security Assessments which include Incident Response Readiness, Security Operations and Security Program reviews.