MANAGED DETECTION & RESPONSE (MDR)

OUTPACE ADVANCED ATTACKERS

Reduce the impact (& damage) of threats by preventing lateral movement in your network.


PROACTIVELY DEFEND YOUR NETWORK FROM ADVANCED ATTACKS

Backed by your trusted MSSP who doesn't leave you in the lurch, going above-and-beyond the escalated ticket.

 

 

 

Grow your detection capabilities.

First things first: if you don't have an EDR tool in place, we can help you find a solution that works for you.

(If you already have an EDR tool, we can work with what you have.)

Use EDR as a second layer of coverage to fill detection gaps and gain more insight into host activity.

 

 


 

Monitor your EDR tool 24x7.

Whether you prefer to use our tool or your existing investment, you'll have access to experts who fulfill your staffing needs and know your tool inside and out, with all the capabilities of a SOC-as-a-Service operation.


 

 

 

Reduce your time to detect & respond.

Go beyond high-confidence alerts with agreed-upon terms for triage, investigation, and remediation.

Allow your designated RedLegg experts to protect your network on your behalf. 

 

 

 

 

 


Experts In Multiple EDR Platforms

 


Service Teams Powered by

Palo Alto Networks Cortex XSOAR

Ranked Top 50 In MSSP Alert's 'Top 250 MSSPs Of 2020' List

 

 

 


SOC II Certified

 

 


Shared admin access to your platform

 

 


24x7x365 monitoring

 

 

 

Advance Your Capabilities


Prepare for an incident.

Have the right tools in place to handle a potential incident, and better tell the story of what happened with activity captured at the host level.

 

With an EDR tool configured by the experts.


Have access to expertise in all areas of response.

Experts not only know your tool but can perform incident response, develop custom automation, and provide threat intelligence.

 

With a one-stop shop team at your side.


With additional layers of automation.

Reduce your time to detect and respond at scale with additional automated capabilities, an optimized security infrastructure, and a service team powered by Palo Alto Networks Cortex XSOAR.

 

Where your possibilities don't have limitations.

 


 

 

 

Share the MDR service sheet with your team.

   

Beyond Alerts

Your adaptable MDR solution from an MSSP that values lasting, collaborative relationships & a hands-on approach to security.

☑️ Level of remediations & host isolation upon agreement – remote removal, process killing, host quarantine, file deletion

☑️ Expertise in IR, Incident Triage/Analysis, & Automated Response

☑️ Onboarding time in hours, not days or weeks

☑️ Access to experts in network & forensic security analysis

☑️ Software deployment assistance

☑️ Remote delivery, including a tuning phase

☑️ Custom automation and detection rules

☑️ Few to no false positives – high-confidence data

☑️ Access to the UI – see what we see

☑️ À la carte SOC-as-a-Service offerings with an MSSP who knows your network as well as you do

☑️ Monitoring of network connections, file integrity, process creation, registry edit, and running services – network sensor available to add visibility

☑️ Leadless Threat Hunting

☑️ Flexibility – option to use tools such as Palo Alto Networks Cortex XDR, LimaCharlie, or your existing tool

☑️ Continuous centralized recording of all telemetry activity

☑️ Work with you to create policies and manage them

☑️ Custom threat detection use cases

☑️ Heuristic, behavior-based rules

☑️ Manage and track open escalations with the integrated ticketing system

☑️ Option of integrated Threat Intelligence from our threat research team

 

When you're ready.

 

 

 

Set up your EDR tool

Remote service delivery

24x7 monitoring