EDR | ENDPOINT DETECTION AND RESPONSE

WHAT IS ENDPOINT PROTECTION AND RESPONSE?

RedLegg works to provide comprehensive endpoint protection against attackers’ tactics before they cause harm.  RedLegg’s EDR services utilize Carbon Black Defense next-generation anti-virus (A/V) and response capabilities.  RedLegg’s EDR offering provides the following features:

  • Blocking known threats through traditional A/V methods
  • Blocking new threats through streaming prevention
  • Automatic Attack Chain builds
  • Continuous centralized recording
  • Immediate access to secure shells on any endpoint

SECURITY OPERATIONS CENTER

Managed Security Services are implemented and delivered by the RedLegg Security Operations Team.

24X7 SUPPORT:

The RedLegg Security Operations Team is available 24x7 for customer support, in your time zone.

MONITORING:

RedLegg’s Security Operations Team enables monitoring and alerting for your on-premise equipment, based on your pre-defined escalation procedures.

TICKETING:

The ticketing system is available online to track all cases, and a customer portal is available as well to check the status of tickets.

ALERTING:

For threat detection services, RedLegg will configure automatic alerts based on pre-determined criteria or critical services.

EDR SERVICES

RedLegg works to provide comprehensive endpoint protection against attackers’ tactics before they cause harm.  RedLegg’s EDR services utilize Carbon Black Defense next-generation anti-virus (A/V) and response capabilities.  RedLegg’s EDR offering provides the following next-generation features:

ALERT RESPONSE

RedLegg’s Security Operations staff will investigate alarms from the EDR Solution. In the event of an actionable incident, RedLegg will escalate through our customer ticketing system.

AUTOMATED ALERTING

RedLegg will work with you to determine the events for which you want to receive automatic notifications. Automated alerts will arrive as an email and will be created in our integrated ticketing system.

INTEGRATED TICKETING SYSTEM

When actionable events are identified by the RedLegg SOC or an automated alert is generated, all information is submitted into our ticketing system for investigation, tracking, and auditing purposes. The ticketing system is available to you through our customer user portal.

ENDPOINT DETECTION AND RESPONSE MANAGEMENT

SOFTWARE DEPLOYMENT

RedLegg will assist you in identifying the method with which the endpoint solution will be deployed to the user base. 

PATCH AND SOFTWARE UPDATES

When new software updates or patches are available, RedLegg staff will schedule with you a maintenance window to perform the updates.

POLICY MANAGEMENT

Policies are created and managed by RedLegg staff according to your policy requirements. RedLegg, with your guidance, manages the policies for the deployed hosts and updates them as needed.

OUR APPROACH

RedLegg is an innovative, global security firm that delivers managed cybersecurity solutions and peace of mind to its clients.

RedLegg’s approach to information security protects the confidentiality, integrity, and availability of critical data based on a sound risk management framework. This approach allows organizations to engage business owners in defining acceptable levels of risk and to participate in the process for evaluating threats.

RedLegg’s ARMEE (Assess, Remediate, Monitor, Educate, Enforce) methodology institutes a lifecycle that allows for an ongoing process to continuously improve the security posture of the organization. This methodology is designed to be portable to all business, legal, regulatory, and security requirements of the organization. It is flexible enough to account for the constant flux in the marketplace, attack vectors, and protection mechanisms.

The final step in RedLegg’s ARMEE methodology is to implement solutions that enforce security measures needed to protect against threats that may affect an organization’s core business.
