Managed Detection and Response (MDR)

Looking for more information on our Security solutions? Request Information

Who's watching your network?

A good cybersecurity defense includes implementing tools like SIEM, UTM firewalls and advanced endpoint security technology. However, without the human component—someone to actively utilize the data coming from these tools—you are essentially still at square one. That’s because it’s not necessarily how good your tools are, but who’s leveraging those tools to keep watch over your environment.

According to Gartner: “The goal of MDR services is to rapidly identify and limit the impact of security incidents to customers. These services are focused on remote 24/7 threat monitoring, detection and targeted response activities. MDR providers may use a combination of host and network-layer technologies, as well as advanced analytics, threat intelligence, forensic data, and human expertise for investigation, threat hunting and response to detected threats.” (Gartner, “Market Guide for Managed Detection and Response Services,” July 2019.)

The video below underscores the importance of MDR and its benefits to organizations in this position.

ControlScan MDR Stands Guard

ControlScan performs Managed Detection and Response (MDR) specifically for organizations that don’t have the internal expertise and/or bandwidth to keep a vigilant watch over the security of their IT environment. We employ the right people and the right processes to efficiently supplement your organization’s security threat management efforts.

Our team identifies intrusions as they are happening, so you can extract them from your environment before any damage is done:

  • Defining, implementing and updating security rules
  • Running targeted threat hunting sequences to trace anomalies
  • Examining alerts to separate true concerns from false positives
  • Addressing and appropriately escalating threats in real-time

"ControlScan has my back by being responsive to security alerts and communication."

- Chris Lynch, Director of Cybersecurity, Ace Parking Management, Inc.

Removing the Burden of Log Management

A single network device can generate thousands of logs each day, and an organization may have hundreds of network devices and servers. The overwhelming amount of log messages can obscure network visibility, overtax internal resources and increase operational costs.

As part of our MDR service, we collect, aggregate and normalize your organization's log data from servers, endpoints, applications and security devices for compliance and infrastructure management. Our expert security analysts monitor and analyze your log events, freeing up your IT resources to focus on growing your business.

MDR by ControlScan
  • More than 40 million logs/events ingested each hour
  • Over 1 TB of data collected daily
  • Myriad log types ingested, including Microsoft, Cisco, Meraki, Palo Alto, Checkpoint, Solaris, Linux, Cylance, Crowdstrike, Carbon Black, Fidelis, Dark Trace, etc.

Choose Your ControlScan MDR Solution

ControlScan offers a variety of solutions to meet your business's distinct security threat detection and response needs. The chart below outlines our various MDR service options. Note that the solution as described on this page relates to MDR Standard/Plus. Click here for Managed SIEM and here for MDR Essential.

ControlScan MDR Service Comparison

* MDR Essential includes basic incident response to investigate and remove threats on protected systems only.

About the ControlScan Security Operations Center

The ControlScan SOC captures and compiles data from both physical and digital sources to develop a level of decision support not possible in a standard monitoring environment. This process combines our people, processes and technology to analyze and act on robust data sets, allowing us to see the whole picture of an enterprise. We keep your business optimized and running no matter what challenges arise.

Our SOC runs 24x7 and is staffed by highly trained SecOps personnel. Located in Hunt Valley, MD, the SOC is a secure facility featuring video surveillance, biometric access control, redundant fiber-optic Internet connectivity, and battery and diesel redundant power.


Ready to get started?  GET STARTED