This is the fourth in a five-part blog series on managed detection and response as it drives strategic security outcomes for businesses.
More and more managed detection and response (MDR) providers need to recognize their place among multicloud platforms. Today’s businesses often have data scattered among different cloud providers. Most vendors offer cloud-based services, after all. Therefore, it’s important for a multicloud MDR services platform to provide a way to pull in all relevant data sources when hunting for potential threats, regardless of the cloud provider.
Read on to learn about how modernizing is key to your MDR services platform.
And, catch up with the other parts of this series: We discuss alignment in Part 1; in Part 2, we focus protection; and in part 3, we highlight management.
How MDR Services Mesh With an Open, Multicloud Platform
More endpoint detection and response (EDR) platforms are becoming available. Therefore, it’s up to the MDR service provider to evaluate its usefulness for threat hunting as well as general endpoint detection capabilities. Some of the important questions to answer while evaluating a new EDR platform are:
Does the platform give the entire picture with regards to a process execution?
Can it look at file modifications, network connections, registry changes and more?
Does the platform allow custom threat intelligence to be included?
Can you easily add data from the EDR solution into a platform that can search across all data types in a multicloud environment?
The EDR platform an enterprise chooses to deploy is not an issue when working with an MDR service provider who is agnost ..
Support the originator by clicking the read the rest link below.
