Managed detection and response

This is an old revision of this page, as edited by Bibamad at 10:04, 7 February 2024.

Managed detection and response (or MDR) is a type of cybersecurity service providing customers with remotely delivered security operations center (SOC) functions. These services help organizations monitor, detect, analyze and respond to advanced cyber threats.[1][2]

Concept

MDR aims to address the growing cybersecurity skills gap faced by many organizations and overwhelmed security teams dealing with increasing volumes of alerts. It offers continuous threat monitoring, detection, investigation, and response by leveraging technologies like endpoint detection and response tools.[1][3]

MDR involves outsourcing threat hunting and incident response functions to teams of cybersecurity experts at the provider. It allows resource-constrained organizations to augment their security capabilities and address advanced, targeted cyberattacks and complex threats that they may lack the in-house resources and skills to handle alone.[1]

Gartner predicts that 50% of all enterprises will have adopted MDR services for their cybersecurity by 2025.[3]

Key features

Key features of MDR include:[1]

  • 24/7 monitoring and analysis by security experts
  • Investigation and prioritization of threats
  • Detailed remediation recommendations
  • Access to advanced tools and threat intelligence
  • Ongoing threat-hunting services

References

  1. "Managed Detection and Response - Definition". www.trendmicro.com. Retrieved 2024-02-06.
  2. "Gartner Peer Insights, Managed Detection and Response Services". Gartner. Retrieved 2024-02-06.
  3. "What is Managed Detection and Response (MDR)? | Definition from TechTarget". WhatIs. Retrieved 2024-02-06.

See also