ENDPOINT DETECTION AND RESPONSE SERVICE (MSS-EDR)

The Managed Endpoint Detection and Response Service (MSS-EDR) is a “Security as a service” (SaaS) offering to monitor endpoints and servers’ activity, to detect and to mitigate known and unknown threats to the enterprise.  Together with GLESEC’s Orchestration’s platform, this service integrates security information from endpoints and servers with other sources to increase confidence, reduce time to mitigate and eliminate blind spots.

How does it work?

Turnkey, Security as a Service. The technology utilizes Endpoint Protection (AV & NextGen AV), Endpoint Detection and Response, Threat Intelligence, Network Analytics, User Behavior Analytics, 24×7, Threat Intelligence, Sandbox, Deception, UBA Verification, Incident Response and BigData.

  • Delivery is cloud based or on-prem (using GLESEC GMSA Appliance).
  • Automated deployment of light-agents quickly self-installs in all endpoints and servers of the organization.
  • Once these agents are deployed, they become active to identify any suspicious activity.
  • The agents can respond either automatically or alert GLESEC’s Ops Centers depending on the pre-established rules of engagement’s automation.
  • GLESEC’s Secured Operation Centers monitor, hunt and respond based on established playbooks 7x24x365 to contain, mitigate, alert and report.
  • Client’s access to the GLESEC’s Orchestration platform (based on contract of Orchestration service) providing visibility of the various elements of the GLESEC 7eCSMTM framework. This allows access to detailed dashboards and reporting as well as the Case & Resource Utilization application, News service and other tools. The Case & Resource Utilization application is used to manage the full lifecycle process for threat identification and mitigation that takes into consideration all the communication interaction with various levels of the client’s organization.

ENDPOINT DETECTION AND RESPONSE SERVICE

Even the best-prepared organizations cannot guarantee that they will not be compromised by an attack; the last line of defense is the endpoints and servers.

The MSS-EDR is GLESEC’s response to the need for a best-practice service that combines emerging technologies, BigData analytics and on-going manual analysis of any suspicious user, process, network and file activity for all hosts and servers.

Sergio Heker, CEO

Provides peace of mind in the detection, identification, and protection of endpoints and servers across the enterprise.

Helps eliminate
cyber-security risk factors that can impact business operations.

Meets compliance in regulatory requirements.

BENEFITS

Promotes a continuous risk-reduction and on-going cyber-security improvement and mitigation process.

Augments the internal staff by partnering with an organization with core competency in cyber-security operations.

Most cost-effective solution based on the benefits of outsourcing.

I feel peace of mind that GLESEC is monitoring and responding to threats around the clock on my organizations’ behalf.

VP of IT of Leading Financial Institution, Central America

This service can be classified according to the following table:

Monitoring

Yes

Testing

Protection

Yes

Compliance

Forensic

Yes

Remediation

Mitigation

Yes

Each of the MSS services can be mapped to one of the seven elements of the 7eCSM. 
In this case the mapping is: