Cyberfusion: Your Cyber-Swiss Army Knife

Your MDR service delivered by RedLegg is backed by a full Cyberfusion Team. By combining Research, Platform Management, Threat Analyst, and Analytics team members and processes into one unit, RedLegg is able to provide a truly next-generation holistic approach to cybersecurity services delivery.

 


THE BENEFITS

Cyberfusion focused

Whole team approach 
RedLegg’s Cyberfusion team is the next step in security operations evolution. Melding together disciplines of cyber threat intelligence, security analysis, platform management and data analytics, RedLegg takes a complete team approach to your cybersecurity services.   
Optimization through data 
Through collaborative review of your security trends and alarming environment, RedLegg’s Cyberfusion team lets the numbers do the talking to identify how your service can be better optimized. 
Robust Detections
The core of any successful monitoring service is the quality of the detection logic leveraged in your solution. With RedLegg’s Cyberfusion team, detection logic is crafted by our Cyber Threat Intelligence team, and then reviewed and optimized by the platforms team, who are subject matter experts in your environment. This collaboration ensures that detections custom fit your solution.
We've done it all 
As your cybersecurity practice evolves, RedLegg’s services evolve with you. With RedLegg’s Cyberfusion Team, we can provide direction and development in advanced security practices leveraging runbook and automation development. No scenario is too complicated; our multi-discipline team has seen and done it all.

FOCUS ON PEOPLE

Meet An Extension of Your Team 

Cyberfusion Center at your back
RedLegg’s Cyberfusion center has researchers, incident responders, platform specialists, data analytics, and analysts all working shoulder to shoulder to better understand what is happening within the cybersecurity landscape and building solutions to best protect our customers. 
Staff Augmentation  

A true extension of your team:  With RedLegg you get cybersecurity pros with years of experience in platform management, threat analysis, security automation and incident response.
Backed by a Powerhouse SOC
RedLegg’s 24x7 threat analyst team has seen it all. That’s the type of team you want watching your critical assets and monitoring potential threats in your environment. MDR alarms are triaged and reviewed by human analysts with the training, skill, and resources to provide confident support.
Remediation Support

Identifying a threat is only part of our job. RedLegg’s Cyberfusion security experts stay at your side through the remediation process with guidance and recommendations to ensure you’re safe.

OUR APPROACH

Discover the Secret Ingredient: MDR Services + Cyberfusion

Our strength is the perfect blend of human expertise and automation with intention.

With RedLegg’s MDR Services, move away from the one-size-fits-all service delivery model and into a tailored service that not only uses the right tools for your monitoring environment, but also implements real threat modeling and custom detections to ensure your business is covered.

MDR Cyberfusion Key Features


PLATFORM MANAGEMENT TEAM

MDR Platform Expertise

RedLegg’s MDR service is managed daily by our Platform Engineers. RedLegg’s certified platform engineers are your subject matter experts for all aspects of your platform. They serve as your guide as your service develops, providing feedback and direction on the best way to monitor your environment, collect the signals from your infrastructure, deploy MDR software, and operationalize the information collected.

From the project kickoff, your platform engineer will take you through onboarding and platform deployment for new installations, through to full-service optimization. At each step in the process the platform team is there to ensure your deployment and service are optimized successfully.

Dedicated Engineer

A dedicated platform engineer will become a critical part of your team as they manage both the platform and your relationship with RedLegg.

Comprehensive Management

Certified in their platform of expertise, the platform engineers own the management of your solution in all areas relating to the successful process of monitoring, alerting, and response to security threats. 

Patch & Software Updates

RedLegg’s MDR Platform Team will work with you and your change management process to schedule and execute any patches, software updates, or upgrades.

Detection Logic Deployment

With the guidance of the RedLegg CTI team, the Platform Engineers prepare and deploy new detection logic to your managed MDR platform.  You can rest assured that if a new threat is present, detection logic is en route to your platform. 


 

CYBER THREAT INTELLIGENCE TEAM

Research To Chart The Course

A key component of RedLegg’s Cyberfusion team is its Cyber Threat Intelligence researchers. RedLegg’s researchers live on the bleeding edge of the threat landscape and perform continuous research into the tactics, techniques, and procedures of both developing threats and existing threats that continue to evolve. This research powers our Detection Logic Lifecycle process, which provides the key ingredient to security monitoring success: effective Detection Logic.

RedLegg’s Detection Logic is mapped to the MITRE ATT&CK Framework, so threat analysts and customers can contextualize the activity within a possible greater picture. RedLegg’s Cyberfusion threat analysts are provided with guidance and investigation protocols for each Detection so they can swiftly identify if the activity meets the qualifications for the alarm.

Threat Profiles

Comprehensive reports regarding a threat, threat actor, or collection of techniques.

Critical and Emergency Threat Bulletins 

Patch notes, vulnerability disclosures, and emerging threats with references and mitigation guidance.

Detection Logic Development Lifecycle 

Detection Logic is developed through research, MITRE ATT&CK, and threat modeling exercises.

Threat Modeling 

Engagement with customers may lead to exploring potential threats that may occur in a customer environment.


THREAT ANALYSTS TEAM

Because threats don't stop at 5pm...

 


Threats don't stop at 4:00 or 5:00 when we take off, so having a RedLegg agent keep an eye out for us has been invaluable - and very comforting!

IT Director - US-based Hospital

 

24x7x365 

Threat actors don’t rest, and neither do we. RedLegg’s Security Operations staff performs continuous real-time analysis on security detections received from customer MDR solutions. Actionable events will be investigated and escalated via the ticketing system and pre-determined escalation path to the Client. Response actions may be triggered based on detection playbooks.

Remediation Support 

RedLegg provides remediation support and guidance on escalated detection cases to ensure the client has all the information they need during remediation activities. RedLegg’s customers can lean on the Cyberfusion team, with its variety of cybersecurity disciplines and focuses, for support as they remediate.

Around The Clock Support

The RedLegg Security Operations Team is available 24x7 for customer support.

Custom Workflows

Customizable Workflows and Escalation Paths. Tasks and workflows are automatically presented to analysts in playbooks when new cases are created. This ensures consistent and thorough analysis.

DATA AND ANALYTICS

Numbers matter

RedLegg’s Data and Analytics team is dedicated to the development of the KPIs and data points that tell the untold story of your security service and risk surface.  Leveraging data from signals from your environment and cases worked by Threat Analysts, RedLegg’s MDR reports and dashboards provide you with key insight into the trends and anomalies that occur over time.

Within our reports and dashboards, you can track compliance to your SLAs and identify how much time your team is getting back as we triage, investigate, and manage your MDR cases for you. Drill into hosts, alarms, and even MITRE ATT&CK techniques for more context about your risk surface.

If the data is there, we will find a way to present it.

Monthly Performance Reports 

RedLegg’s Data and Analytics team will deliver a monthly report illustrating the performance of the platform and the security operations team. KPIs have been identified so you can measure both OUR performance and your own security efforts.

Live Dashboarding 

Live Dashboards are available so you can not only track your KPIs in real time, but view the work being done by the analysts as it happens in your case queue. This allows you to drill down and empower your own remediation efforts in a collaborative space with the Threat Analyst team. 

Compliance Reports 

Reports can be scheduled or created to satisfy compliance requests.

On-Demand Reports 

Custom On-Demand reports can be created for one time investigation purposes or scheduled depending on the scope and the information required.  


CONTACT US

Drilling-down to threats specific to your business

Learn how RedLegg's Cyberfusion philosophy can transform your security program. Whether you choose MDR with Managed SIEM or MDR with Managed EDR, you will be supported by the power of our full Cyberfusion team: Threat Intelligence, Platform Management, and Data and Analytics, all under one umbrella to provide you with next-gen MDR Services.

 


Contact us