MaxxMDR starts with Managed Detection & Response (MDR) to hunt for early signs of threats and to quickly take action on them. By adding a fully managed and tuned Sensor, the organization gains visibility into the network layer for a far deeper view. We enhance it with additional features and resources.
Our MDR+NDR service is the most advanced form of detection service available today, operated by one of the most experienced cybersecurity teams in the country. Our experts get to know the entirety of your network, monitoring the edge, lateral network movement, and everything in between.
Using network intrusion detection system (NIDS) sensors placed in your environment and included license-free, we take full packet captures of network traffic via SPAN ports in addition to other security logs. We dedicate an analyst resource to your business, who correlates data from detectors to investigate network traffic anomalies, breaches, compliance violations, and threats. Our team will also guide you in planning and performing mitigation if an incident occurs or a breach is found.
The MDR+NDR cybersecurity service includes alerting, analysis, and response for detected events utilizing our license-free SIEM. It differs from our MDR by adding full packet capture, a dedicated analyst resource, sensor tuning, and the deeper network analysis needed for large and complex networks.
All Security Management
- SIEM, Sensor, and all features and reports listed in MDR are included with the MDR+NDR service.
Dedicated Security Analyst
- Your analyst knows you and your network. Network behavior thresholds get updated more regularly, and reporting adjusts to your needs.
Proactive Threat Hunting
- Our security engineers mine your network data, investigating anomalies, evaluating host behavior thresholds, and calling out exposures.
Incident Response
- We take defensive action 24 hours a day, reflective of your change control and severity criteria. We’ll perform data mining and analysis for forensics as needed.
Network Behavior Analysis
- Deeper knowledge provides useful insights and reduces false positives. By taking packet captures, flow and session data, and switch polls, our analysts create actionable alerts that cut through the noise. By tuning and setting thresholds at the sensor, network behavior is taken into account, which is ignored by most SIEM-focused providers’ proprietary signature
Inform Security Policy
- Detection checks for compliance, too. We’ll help you stay compliant by providing supportive data and feedback on policy improvements.