open-systems.comManaged Detection and Response, Solution Brief 1.1 by Open Systems ©2020, proprietary
Managed Detection and Response (MDR)
Outcomes, not alerts – Managed Detection and Response natively built for the cloud era.
SOLUTION BRIEF
Detect advanced threats through data correlation and collaboration
With the Managed Detection and Response service your enterprise utilizes the best-practice approach to minimize risk by providing continuous monitoring of all potential attack surfaces and fast remediation.
MDR is specifically designed to detect advanced threats that bypass existing security controls. These threats are complex in nature, and proper identification often requires the correlation of suspicious behaviors from many different angles.
The future of security is about collaboration. Threat actors collaborate by sharing toolkits, compromised credentials and other critical information. We enable your security teams to collaborate with our experts as well.
What makes our MDR special?
24x7 Managed Detection and Response
We constantly protect your enterprise against advanced threats that bypass existing security controls. Continuous monitoring, automated correlation and fast response to suspicious activity maximize the value of your security architecture.
Cloud-native MDR platform
Cloud-scale SIEM built on Azure Sentinel, powered by internationally recognized security experts. The latest global threat intelligence from the Microsoft Intelligent Security Graph is enhanced by parameter tuning and customization by experienced security analysts.
Built-in DevSecOps
No more alert backlogs thanks to automated correlation, enrichment and response execution. Customer-assigned security teams and optimization for each environment deliver more effective and accurate threat detection.
[Figure: data flow of the Azure Sentinel based MDR platform, from your security investments to Open Systems outcomes]
SECURITY DATA SOURCES
• Firewall
• Network Detection and Response
• Secure Web Gateway
• Endpoint Detection and Response
• 200+ integrations
USER AND CLOUD DATA
• Identity and Access Management
• DNS Server
• Third party servers
• Applications (on-prem, IaaS, SaaS)
• Cloud-native workloads
Inputs (your security investments): apps, endpoints, users and security data sources feed the Azure Sentinel based MDR platform (Cloud SIEM), operated by Open Systems Security Analysts.
Pipeline stages:
• Collection: collecting logs, secure transport
• Parsing: extract security-relevant fields, normalize date
• Analysis: threat intelligence, enrichment, correlation
• Feedback loop and automation (SOAR), with an investigation board
• Collaboration (optional) between the Open Systems Security Team and your security operations: visibility, participation
Outputs (Open Systems outcomes): analysed incident; threat response and containment.
The future of security is about collaboration and integration. MDR detects, analyzes and contains attacks faster for you.
Open Systems is a secure access service edge (SASE) pioneer that enables organizations to connect to themselves, to the cloud, and to the rest of the
world. With cloud-native architecture, secure intelligent edge, hybrid cloud support, 24x7 operations by level-3 engineers, and predictive analytics, the
Open Systems SASE delivers a complete solution to network and security.
Learn more at open-systems.com | Copyright 2020 Open Systems. All rights reserved. Approved for public use. (MS, 31 Jan 2020, v1)
Best-practice SIEM leveraged through a unique, collaborative operations model
The Open Systems MDR platform provides a best-practice framework for detecting threats, and it will continually evolve to keep pace with the changing nature of modern cyberattacks.
More than a SIEM
While we build a cloud-based SIEM in Azure Sentinel and provide our customers access to it, we deliver the outcome of its insights in the form of analyzed incidents.
Collaborative approach
It is not a requirement for your security teams to operate and maintain the SIEM in Azure Sentinel. Open Systems remains fully and solely responsible for detecting and responding to threats in this model. However, our platform enables your security teams to collaborate in the process to the degree that they desire, without the challenges of operating and maintaining a SOC directly.
This unique approach to threat detection leverages the expertise and knowledge of both the customer and the Open Systems security team by facilitating collaboration to deliver the best threat detection possible.
Our key differentiators
Cloud-native MDR Platform
A platform with limitless cloud speed and scale. Smooth integration with customers’ existing data and security stack directly in Microsoft Azure and Sentinel.
Integrated protection, detection and response layer
Faster threat protection through integrated, unified threat intelligence, as well as a network and security detection layer with an automated, cloud-native SIEM and an experienced security analytics and response team.
Business-risk driven approach
Our MDR solution focuses on your business impact, risks and assets. Report, track and improve your enterprise’s security resilience through continuous improvements instead of having noisy security events and products. Not alerts, outcomes!
Collaborative investigation board and DevSecOps
A unique collaborative SOC operational model fully leverages the knowledge of our security experts for faster and more accurate detection. The DevSecOps team directly integrates into your organization and speaks the same language as your security team.
[Figure caption: Cloud-native MDR platform architecture and matching operations model]