Deepwatch’s MXDR service expands detection capabilities with high-fidelity, contextualized alerts to enable rapid response and containment of cyber threats.
“Deepwatch MXDR automates response capabilities that help security operations teams contain threats and mitigate risk faster and more confidently than ever before,” said Wes Mullins, chief technology officer at Deepwatch. “Automation delivers accelerated response times when powered by robust and accurate information on detected threats. High-fidelity alerts, enriched with information across endpoint, network, cloud, email and identities correlated over a period of time, enable security teams to swiftly identify and contain threats before they disrupt business.”
According to Deepwatch’s State of the Modern SOC 2022 research, 85% of security professionals say that they have experienced preventable business impacts as a result of insufficient response procedures, citing staffing issues and security alert quality as top barriers to response. Nearly all (97%) security professionals state that more accurate alerting would increase confidence in implementing automated response actions.
Deepwatch MXDR significantly reduces the risk of business-impacting security incidents by responding at machine speed, allowing analysts to do the rest in human time. Leveraging the Deepwatch SecOps platform to collect, process, and analyze security telemetry from data sources, Deepwatch produces the most comprehensive high-fidelity alerts.
Deepwatch improves threat detection and reduces alert overload by correlating related threat activity for a single entity and escalating only the alerts that exceed the customer-defined risk threshold. Informed by Deepwatch’s advanced detection capabilities, Deepwatch MXDR drives automated response actions that eliminate the lag time and dependence on security staff and cross-departmental resources.
“Security leaders considering XDR should focus on security outcomes, including fast and efficient alert triage and prioritization, advanced threat detection, and rapid detection and response times, all aimed at supporting a growing attack surface,” said Dave Gruber, Principal ESG Analyst. “ESG research shows that half of security teams prefer a fully managed XDR solution, with 52% of organizations believing that an MDR service provider can do a better job at threat detection and response than they can. Other MDR use cases reported in support of XDR deployments include the need for more expert security skills, staffing augmentation, and off-hours coverage.”
The Deepwatch MXDR service can be combined with Deepwatch MDR service for complete threat lifecycle defense or purchased as a standalone service.
Deepwatch MXDR benefits:
- Designed to automate rapid response across endpoint, network, cloud, identity, and email at machine speed
- Programmatic response, using tailored playbooks
- Deliver XDR outcomes at a lower total cost of ownership compared to product-based approaches
- Deepwatch MXDR for endpoint (CrowdStrike, SentinelOne and Cybereason) is available now
- Deepwatch MXDR for network (Palo Alto, Fortinet and Check Point) is available now
- Deepwatch MXDR for email, cloud, identity, and additional endpoints will be available in Q4 2022