Managed detection and response

July 2021

Our managed detection and response service adopts an end-to-end approach that focuses on prevention, detection, response and hunting will reduce the risk of a breach at each stage whilst hardening defences and improving response actions.

Prevent

Reduce the risk of evasions and stop threats before they have a chance to damage the target system

• Global and local threat intelligence mapping
• Automated, real-time escalation of high-confidence threat activity
• Correct insecure configuration
• Identify endpoints not protected by Cortex XDR agents
• Perform regular red team exercise to identify detection blind spots

Detect

Behavioural analysis of network and endpoint to identify activity that may be considered suspicious or malicious in nature

• Near real-time detection of both commodity and sophisticated targeted attack
• Recorded activity data is retained for 100+ days to enable historical analysis and retro-hunt in seconds
• PwC-developed behavioural detection rules mapped to MITRE ATT&CK techniques
• Customised detection rules

Respond

Validation, containment and eradication of the threat from the environment

• Containment and remediation actions of identified threats pushed within minutes with minimal business impact
• We act as an extension of your security team with direct access to our analysts to collaboratively manage incidents
• Custom, automated collection of evidence data and containment of threats

Hunt

Proactive and ongoing ‘hunt’ for threats and other suspicious activity which is not directly associated with a detection event

• Dedicated per-client threat hunting hours
• Proactive, ongoing threat hunting, not just ‘alert validation’
• Full retro-hunt capability to apply newly discovered TI ‘back in time’
• Monthly feedback sessions.
• Recommendations based on hunt-operations – help the client improve over time

Why PwC?

• Dedicated threat hunters searching proactively for threats and other suspicious activity.
• Unrivalled visibility of threats; endpoint, network, threat intelligence, file activity etc.
• Rated by Forrester as ‘Leader’ in Digital Forensics and Incident Response.
• Quick deployment and simple integration of technology.
• We provide you access to your own data.
• We have a unique understanding of board expectations as business risk advisors.
• Service is provided in context of wider security and risk management strategy.

Start your one-month free proof-of concept now

To help you understand the benefits our MDR service, we'​re offering a free proof-of-concept for one month. Please sign up here and one of our product experts will get in touch with you.