video qa with aaron sherrill

Video Q&A with Senior InfoSec Analyst Aaron Sherrill: Discussing MDR Security Services

We recently had the pleasure of connecting with 451 Research Senior Analyst in Information Security, Aaron Sherrill, for a video Q&A session.

The topic of conversation was endpoint security — specifically, questions surrounding the rationale for investing in a Managed Detection and Response (MDR) security solution.

MDR or Managed Detection and Response, is a managed security service whereby a company outsources the monitoring, detection, and response to security threats to a third-party vendor, such as a Managed Security Services Provider (MSSP).

Need more background about MDR? Check out Should You Outsource Your Managed Security Services to an MDR Provider?

Why do endpoint security tools fail to detect threats and prevent compromises?

  • IT environment complexity
  • Lack of expertise and resources
  • Multiple security tools deployed
  • Unknown vulnerabilities
  • Reactive vs. proactive detection

Why is it important to conduct regular threat and compromise assessments?

Endpoint security prevention tools eventually fail. As a result, it is important to conduct regular threat and compromise assessments to expose hidden risks, threats, and vulnerabilities in your environment.

Learn more and request an Infocyte Threat Assessment.

What KPIs are important when endpoint detection and response security solutions?

Three key metrics your endpoint detection and response security tools should measure, track, and help you improve:

  1. Mean time to detect (MTTD) is the average amount of time it takes your organization to detect a security event or incident — from initial infection to discovery.
  2. Mean time to resolve (MTTR) is the average amount of time it takes your organization to respond and eradicate threats or attackers.
  3. Dwell time is the entire length of time a security incident — from the initial breach to resolution — is in your IT environment.

What features are vital for a Managed Detection and Response (MDR) security solution?

Not all endpoint detection and response security tools are created equal. The top capabilities need for a managed endpoint security solution, such as an MDR platform, are:

  • Detection and response across on-premise assets, remote endpoints, virtual systems, and cloud workloads
  • Independence from existing security stack, with the ability to integrate
  • Most organizations need both Agent and Agent-less deployment options
  • Understand the overall impact on your environment, network, and business operations

You can view the full video on our YouTube Channel.

Learn more about Infocyte’s endpoint detection and response platform.

Request a demo, or watch a live attack simulation and demonstration of Infocyte’s Real-Time Security (RTS) capabilities in action.

Posted in ,