How to Choose an MDR Provider

Managed detection and response (MDR) providers are becoming increasingly popular with small-to-medium sized business and mid-market companies alike. 

Gartner estimates that by 2024, a quarter of all organizations will be using MDR services—either as augmentation of their in-house capabilities or as a stand-alone security partner—which is up from less than 5% today. They also expect that by 2024, 40% of midsize enterprises will use MDR as their only managed security service.

With that said, Gartner also highlighted the confusion that exists in the market. Would-be MDR customers have a hard time differentiating one provider—and even one feature—from another, given the variety of approaches and technologies used by MDR service providers.

In general, as outlined by Gartner, MDR services provide:

  • A remotely delivered 24/7 SOC solution that can detect, investigate, and respond to threats. 
  • Staff that have skills and expertise in threat monitoring, detection, and hunting, and in incident response. 
  • Processes that include standardized workflows and procedures.

But because most MSSPs have had decades of vetting that MDR providers haven’t (given the newness of the solution) you’re left to do more due diligence on MDR providers before signing a contract. Having a strong set of requirements in mind from the outset of your search will make the selection process far easier and make direct comparisons more achievable.

So with that in mind, in this post we offer you just such an evaluation framework for organizations considering MDR. We want to help you not only evaluate but compare prospective partners and vendors in an apples-to-apples way. This will depend on the outcomes you’re looking to drive, the nature of your attack surface (org size, vertical, sec maturity, etc.), and which attack vectors, vulnerabilities, are most relevant for your organization.

Outcomes to Consider

Your choice of vendor will depend (Read more...)

*** This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by IntelliGO Networks. Read the original post at: