Threat Detection Services 

Threat Detection Services

• Identification: threats are identified and separated from the false positives generated by security technology traffic.
• SOC analysis: our experts within our global Security Operation Centers (SOCs) engage in threat hunting and validation to verify threats, their impact, and any additional information related to security breaches.

Standard Tier

• Automated reporting: a sophisticated, automated service for clients seeking entry-level threat detection.
• Tailored notifications: notification confidence levels can be tailored and set depending on the specific severity level.

Enhanced Tier

• Vendor integration: deep integration with multiple supported vendors and technologies enables the collection of evidence data and contextual information well beyond standard syslog outputs.
• Event-driven threat hunting: security analysts perform event-driven threat hunting for a range of vendor technologies to gain full insight into client-monitored sources.
• Response services: we take responsive actions to ensure any compromises will be contained and not spread further into your IT environment. Remote incident response and network blocking enable you to experience the full benefits of our Threat Detection Service offering.

The benefits are:

• advanced analytic capabilities, including machine learning and threat behaviour modeling
• tailored analyst workbench
• deeper incident investigation and validation
• event-based threat hunting
• actionable incident notification with recommendations
• incident support until resolution is achieved