Managed Detection and Response

24/7 alert monitoring and threat hunting services

Key Features

Alert monitoring, threat hunting, investigation, and correlation

As attackers become more sophisticated, enterprises must turn to more advanced detection and response capabilities. Correlating threats from networks, servers, and endpoints to get a complete picture of a targeted attack is an effective detection strategy. Unfortunately, because of a shortage in cybersecurity skills and a lack of staffing, enterprises struggle to correlate the many alerts and data themselves.
Trend Micro Managed Detection and Response services provide 24/7 alert monitoring, correlation and prioritization, threat hunting, investigation, and remediation plans.

Maximum visibility

Continuous monitoring of endpoints, network, servers, and even Internet of Things (IoT) devices, such as printers.

  • Endpoint sensors record system events and behaviors (telemetry) and send metadata to the Trend service, which uses it to conduct advanced investigations into attacks
  • Network sensors send network analysis metadata, including Command and Control (C&C) data
  • By correlating threat data from multiple sources, we give you a clearer picture of the source and spread of advanced attacks

Detection and correlation

Our MDR service uses advanced AI to correlate and prioritize alerts and customer data, analyzing them with Trend threat intelligence to determine whether threats or events are part of a larger attack. Once threats have been correlated and prioritized, they are picked up by our staff, who investigate further. We’ll also conduct regular sweeps of customers’ environments for Indicators of Attack (IOAs) and will continually hunt for them.

Respond and prevent

Incident response staff investigate the specific threats by gathering additional information (with customer approval), determining vulnerabilities, and understanding what else may have been downloaded or whether the original threat has mutated and spread. We complete the full root cause analysis, determine the potential impact, and generate IOCs about the particular incident to prevent future attacks.

You get a report about the incident, recommendations on how to respond to and remediate the attack, and, in some cases, tools to assist with the remediation.

Services packaging and description

Get started with Managed Detection and Response