WithSecure Countercept Managed Detection and Response

ws_woman_with_red_boxing_hand_wraps

Managed Detection and Response (MDR) built by attackers for defenders.

WithSecure's Detection and Response Team (DRT) deals with cyber threats to your organization in minutes. WithSecure Countercept MDR acts as an extension of your cyber security team, sharing out threat hunting expertise, helping your team learn and grow, and continuously improving your security.

Our threat hunters spend up to 30% of their time proactively hunting for threats and evolving tools and techniques they use to detect them. The DRT investigates every alert or combination of alerts that represent a significant detection.

  • Countercept MDR’s proprietary Endpoint Detection & Response (EDR) agent and log collectors, which feed data into our XDR detection platform, provide excellent visibility of user, endpoint, cloud and network activity.

  • Countercept MDR’s 24/7 First Response service contains and remediates cyber security incidents before they have a chance to impact the business. Our proven First Response methodology enables the <1% of incidents requiring specialist support to be smoothly escalated to our incident response team.

We deliver operational efficiency and resilience to clients that enables them to achieve their goals.

What can you achieve?

Antivirus icon

Effective Attack Detection & Response

Countercept is a threat-driven service designed to be effective in the 'gray area' where legitimate activity masks malicious intent. We react to detections in minutes - and execute containment actions within hours.

Trust icon

Peacetime Value

Countercept provides cyber security insights that support continuous security posture improvement. We help you improve your security posture and meet your compliance obligations.

Partner icon

True Partnership

We act as an extension of your cyber security team, giving you unmetered access to our experts, sharing our cyber threat hunting expertise, addressing queries and helping your team develop.

Take a short assessment and get a tailored report about your risk levels.

If you are interested in finding out the risk level of your threat detection and incident response capabilities as an organization take our free risk assessment.

Risk assessment

Countercept MDR architecture

Countercept D&R team
ithSecure™ Countercept MDR improves your cyber security protection, keeping you safe from cyber attacks, data breaches and network intrusions through aggressive threat hunting and response.

Countercept D&R team

WithSecure™ threat hunters spend up to 30% of their time proactively hunting for threats and evolving tools and techniques they use to detect them. 

Effective incident response

Effective incident response

Our DRT and Incident Response teams use the same technology platform and work closely together – meaning handoffs are seamless and well-practised

Peacetime Value
WithSecure™ Countercept MDR improves your cyber security protection, keeping you safe from cyber attacks, data breaches and network intrusions through aggressive threat hunting and response.

Peacetime Value

Dedicated security engineers provide cyber security insights that help you deter and resist attacks

Countercept MDR advantages

Proprietary XDR platform

In-house expertise and in-house development of systems, from Detection all the way through to Incident Response.

Consistently effective in MITRE evaluations

Across all three evaluations WithSecure™ consistently identifies threats and has demonstrated its effective response in the face of potential cyber attacks and data breaches.

Europe-only Countercept MDR option

Delivered wholly within Europe and eliminating data access to anyone outside.

NPS growth of 124% since launch

Incidents demand preparation, prompt action and clear communication. Our customers affirm that we do this. 

Consistently outstanding service

Net Promoter Score (NPS): 51 
Customer Effort Score (CES): 89% 
Customer satisfaction (CSAT): 4.6/5–4.7/5

30 years of true partnership

Working to solve technology problems since 1988. Countercept MDR has been delivering its threat hunting services since 2016.

WithSecure Countercept and common D&R solutions compared

FeatureCommon D&R solutionsWithSecure™ Countercept
Time to valueMonthsDays
Logs consumed per monthBillionsMillions
Alerts per month100,000s1,000s of relevant alerts
Alerts investigated by expert0-10%100%
Investigation time<1 minuteAs long as necessary
Solution efficacy (% of actions that produce
a desired result)
<50%>95%
Responder profileAnalystThreat hunter

Take a deep dive into WithSecure™ Countercept MDR

Brochures Free tooling

Chainsaw

Rapidly Hunt and Search Through Windows Event Logs.

Read more

Unleashing the Power of Shimcache with Chainsaw

WithSecure™ Incident Response team has released a new subcommand for the Chainsaw forensic tool named “analyse”. This new subcommand incorporates three innovative and novel techniques to aid the analysis and timestamp enrichment of Shimcache entries.

Read more

Cat-Scale Linux Incident Response Collection

On 30 September 2019, Joani Green and John Rogers gave a talk titled "Performing Linux Investigations at Scale" at the SANS DFIR Summit in Prague.

Read more

GarbageMan – Dumpster-diving the .NET heap

GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.

Read more

Detectree: Detection Visualisation for Blue Teams

Detectree is a tool for visualising cyber security events and their relationships.

Read more
Infographic

Customer references

 The GARTNER PEER INSIGHTS Logo is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates. 

Related content

Talk to one of our experts.

Discover true partnership and real peace of mind. Complete the form, and we'll be in touch as soon as possible.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.

Our accreditations and certificates