Webroot™ Managed Detection and Response (MDR)
24×7 threat hunting, monitoring and response
- Quickly detect and respond to threats
- Purpose-built for MSPs to secure SMBs
- Meets cyber insurance requirements
What is MDR?
MDR offers comprehensive threat detection and response by augmenting cybersecurity tools with 24×7 human intelligence. MDR processes security information in near real time to hunt for, investigate and respond to incidents.
MDR is a critical service for containing, resolving and hardening against breaches. It is also becoming a mandatory requirement to obtain cyber insurance.
Why is MDR necessary?
SMBs often lack the in-house security expertise needed to prioritize alerts and fully protect their IT infrastructure. Without a 24×7×365 security posture, SMBs become prime targets for bad actors looking to steal data and extort money.
Webroot MDR is purpose-built for MSPs to augment their SMB protection with threat detection and real-time response. MDR also helps MSPs and SMBs obtain cyber insurance.
Benefits
Fastest in the industry from threat detection to response: 9 mins
Combines multiple tools to stop lateral movement
Seamlessly integrates Webroot MDR and Endpoint agents for quicker event investigation
Accurate and timely insights from BrightCloud® Threat Intelligence
Meets one of the key requirements for obtaining cyber insurance
Endpoint Detection
- Uncovers and eradicates known malware
- Detects network threats and anomalies (e.g., lateral movement)
- Policy-based email protection and data loss prevention (DLP)
- Reviews User Behavior Analytics (UBA)
- Identifies malware, misuse, file-based attacks, unwanted software, insider threats and more
Threat Prevention
- Stops malware (crimeware, ransomware, trojans, exploit kits, etc.)
- Applies whitelists, blacklists, sandboxes, etc. to threats
- Catches them before or during execution
Response Capabilities
- Isolates an endpoint from the network
- Kills processes and/or bans specific applications
- Investigates endpoint activity to understand attack progression and root cause
Reporting
- Generates overview of why threat was detected
- Gathers indicators of compromise (IOCs)
- Analyzes timeline of event and classifies threat severity
- Produces endpoint and user info