Gartner: What to look for in an MDR partner?

Posted on 3 December 2018 by Anthony Fox and Peter Cohen

All forward-thinking CISOs are looking to utilize managed detection and response (MDR) to defend their organizations against targeted attacks by live, human adversaries.

 

But how do you choose a provider in an increasingly crowded marketplace?

 

In line with recommendations made in the Gartner Market Guide for Managed Detection and Response Services, you should choose an MDR provider that has:

  • A mature, proprietary endpoint agent
  • A CIR-accredited live response team
  • Advanced containment and forensic capabilities
  • Threat disruption customized to specific attacks
  • Monitoring of the cloud and O365
  • Log management

 

In addition, you should ensure your provider is:

  • An MDR in origin, not a re-branded MSSP
  • A partner for your SOC to upscale your internal detection and response expertise
  • One of the representative providers listed in the Gartner Market Guide for Managed Detection and Response Services

 

If you’re looking for an MDR provider or wish to discuss if you need one, please contact peter.cohen@countercept.com or anthony.fox@countercept.com.