Your MDR service delivered by RedLegg is backed by a full Cyberfusion Team. By combining Research, Platform Management, Threat Analyst, and Analytics team members and processes into one unit, RedLegg is able to provide a truly next-generation holistic approach to cybersecurity services delivery.
THE BENEFITS
FOCUS ON PEOPLE
OUR APPROACH
With RedLegg’s MDR Services, move away from the one-size-fits-all service delivery model and into a tailored service that not only uses the right tools for your monitoring environment, but also implements real threat modeling and custom detections to ensure your business is covered.
The Platform Management team is responsible for the care and feeding of the MDR solution. From onboarding, configuration, tuning, and system updates, the Platform Management team is your go-to resource for your MDR solution questions.
The CTI team are the researchers investigating the new and evolving threats that are identified in the security landscape. Equipped with expertise and threat modeling skills, the CTI team develops the Detection Logic that powers the MDR Service.
The front line in the war against security threats, the Security Analyst are at their posts 24x7 triaging, investigating, and escalating potential security threats or general concerns. Analysts will also participate in remediation support when it is required.
RedLegg’s Data and Analytics staff work under the hood to tell the story told by the numbers. Trends, anomalies, and key performance indicators are collected, reviewed and shared with the team to improve all aspects of the MDR Service.
FIGMA IPSUM
Figma ipsum component variant main layer create selection mask union polygon opacity.
Figma ipsum component variant main layer create selection mask union polygon opacity.
Figma ipsum component variant main layer create selection mask union polygon opacity.
PLATFORM MANAGEMENT TEAM
RedLegg’s MDR service is managed daily by our Platform Engineers. RedLegg’s certified platform engineers are your subject matter experts for all aspects of your platform. They serve as your guide as your service develops, providing feedback and direction on the best way to monitor your environment, collect the signals from your infrastructure, deploy MDR software - and operationalizing the information collected.
From the project kickoff, your platform engineer will take you through onboarding, platform deployment for new installations through to full-service optimization. At each step in the process the platform team is there to ensure your deployment and service is optimized successfully.
A dedicated platform engineer will become a critical part of your team as they manage both the platform and your relationship with RedLegg.
Certified in their platform of expertise, the platform engineers own the management of your solution in all areas relating to the successful process of monitoring, alerting, and response to security threats.
RedLegg’s MDR Platform Team will work with you and your change management process to schedule and execute any patch software updates or upgrades.
With the guidance of the RedLegg CTI team, the Platform Engineers prepare and deploy new detection logic to your managed MDR platform. You can rest assured that if a new threat is present, detection logic is en route to your platform.
CYBER THREAT INTELLIGENCE TEAM
A Key component to RedLegg’s Cyberfusion team are its Cyber Threat Intelligence researchers. RedLegg’s researchers live on the bleeding edge of the threat landscape and are performing continuous research into tactic, techniques and procedures of both developing threats as well as existing threats that continue to evolve. This research powers our Detection Logic Lifecycle process which provides the key ingredient to security monitoring success: effective Detection Logic.
RedLegg’s Detection Logic is mapped to the MITRE ATT&CK Framework, so threat analysts and customers can contextualize the activity within a possible greater picture. RedLegg’s Cyberfusion threat analysts are provided with guidance and investigation protocols for each Detection so they can swiftly identify if the activity meets the qualifications for the alarm.
Comprehensive reports regarding a threat, threat actor, or collection of techniques.
Patch notes, vulnerability disclosures, and emerging threats with references and mitigation guidance.
Detection Logic is developed through research, MITRE ATT&CK, and threat modeling exercises.
Engagement with customers may lead to exploring potential threats that may occur in a customer environment.
THREAT ANALYSTS TEAM
Threats don't stop at 4:00 or 5:00 when we take off, so having a RedLegg agent keep an eye out for us has been invaluable - and very comforting!
IT Director - US-based Hospital
Threat Actors, don’t rest, and neither do we. RedLegg’s Security Operations staff performs continuous real-time analysis on security detections received from customer MDR solutions. Actionable events will be investigated and escalated via the ticketing system and pre-determined escalation path to the Client. Response actions may be triggered based on detection playbooks.
RedLegg provides remediation support and guidance on escalated detection cases to ensure the client has all the information they need during remediation activities. RedLegg’s customers can lean on the Cyberfusion team with its variety of cybersecurity disciplines and focuses to support customers as remediate.
The RedLegg Security Operations Team is available 24x7 for customer support.
Customizable Workflows and Escalation Paths. Tasks and workflows are automatically presented to analysts in playbooks when new cases are created. This ensures consistent and thorough analysis.
DATA AND ANALYTICS
RedLegg’s Data and Analytics team is dedicated to the development of the KPIs and data points that tell the untold story of your security service and risk surface. Leveraging data from signals from your environment and cases worked by Threat Analysts, RedLegg’s MDR reports and dashboards provide you with key insight into the trends and anomalies that occur over time.
Within our reports and dashboards, you can track compliance to your SLAs and identify how much time your team is getting back as we triage, investigate, and manage your MDR cases for you. Drill into hosts, alarms, and even MITRE ATT&CK techniques for more context about your risk surface.
If the data is there, we will find a way to present it.
RedLegg’s Data and Analytics team will deliver a monthly report illustrating the performance of the platform and the security operations team on a monthly basis. KPIs have been identified so you can both measure OUR performance as well as your own security efforts.
Live Dashboards are available so you can not only track your KPIs in real time, but view the work being done by the analysts as it happens in your case queue. This allows you to drill down and empower your own remediation efforts in a collaborative space with the Threat Analyst team.
Reports can be scheduled or created to satisfy compliance requests.
Custom On-Demand reports can be created for one time investigation purposes or scheduled depending on the scope and the information required.
Figma ipsum component variant main layer. Line move follower effect flows invite. Edit thumbnail scrolling text variant create. List figjam flows bold clip move scale. Selection editor asset connection line content frame italic figma. Device share create list blur main. Follower main ipsum asset frame asset figma. Stroke community overflow rectangle subtract comment. Draft group thumbnail content figma link library underline mask. Rotate ipsum invite object shadow star. Image pen overflow reesizing layout overflow community vector rotate. Thumbnail auto invite create opacity slice plugin style.
Figma ipsum component variant main layer. Line move follower effect flows invite. Edit thumbnail scrolling text variant create. List figjam flows bold clip move scale. Selection editor asset connection line content frame italic figma. Device share create list blur main. Follower main ipsum asset frame asset figma. Stroke community overflow rectangle subtract comment. Draft group thumbnail content figma link library underline mask. Rotate ipsum invite object shadow star. Image pen overflow reesizing layout overflow community vector rotate. Thumbnail auto invite create opacity slice plugin style.
Figma ipsum component variant main layer. Line move follower effect flows invite. Edit thumbnail scrolling text variant create. List figjam flows bold clip move scale. Selection editor asset connection line content frame italic figma. Device share create list blur main. Follower main ipsum asset frame asset figma. Stroke community overflow rectangle subtract comment. Draft group thumbnail content figma link library underline mask. Rotate ipsum invite object shadow star. Image pen overflow reesizing layout overflow community vector rotate. Thumbnail auto invite create opacity slice plugin style.
Figma ipsum component variant main layer. Line move follower effect flows invite. Edit thumbnail scrolling text variant create. List figjam flows bold clip move scale. Selection editor asset connection line content frame italic figma. Device share create list blur main. Follower main ipsum asset frame asset figma. Stroke community overflow rectangle subtract comment. Draft group thumbnail content figma link library underline mask. Rotate ipsum invite object shadow star. Image pen overflow reesizing layout overflow community vector rotate. Thumbnail auto invite create opacity slice plugin style.
CONTACT US
