TorchLight announces its managed detection and response (MDR) solution, MDR-Complete, which has ransomware defense capabilities. MDR-Complete provides threat intelligence and research, endpoint detection and response, perimeter telemetry and incident management and response.
MDR-Complete is significant because more than 4,000 ransomware attacks have happened daily in the United States, according to government figures. Ransom demands often exceed more than $1 million.
Without an integrated solution, companies face inefficient, error-prone processes, manual threat correlation and the challenge of performing complex tasks across multiple systems, which can result in missed threats and delayed responses. There is an increase cybersecurity workload and expanding attack surface.
TorchLight’s MDR-Complete service starts with a ransomware gap assessment to determine an organization’s ransomware vulnerability to ransomware events based on the NIST Cybersecurity Framework (NISTIR 8374). With this assessment, TorchLight then customizes a suite of SaaS-delivered protections that includes security for endpoints, email and DNS; all reporting to a single cloud analytics program. The service includes 24/7 proactive security event monitoring and response.
TorchLight’s MDR-Complete service provides 24/7 monitoring and proactive response reviewing all the security alerts from enterprise security information and event management (SIEM) systems, determining which alerts are malicious and providing correlation to identify any low-level alerts that are part of a bigger threat.
MDR-Complete security elements include:
- Cloud delivered endpoint protection and advanced endpoint detection and response across multiple-domain control points
- Industry-leading machine learning and behavioral modeling
- Secure internet access and control cloud app usage from enterprise networks, branch offices, and roaming users
- Advanced threat protection capabilities to detect, block, and remediate threats faster, prevent data loss, and secure important information in transit with end-to-end encryption
- Threat intelligence and research regarding cyber threats, which helps clients mitigate ransomware attacks before they impact the enterprise
- Protection from malicious URLs host ransomware through advanced threat intelligence
MDR-Complete with ransomware defense is available in a turnkey solution using Cisco technology or can use an enterprise’s already existing security solutions.
The turnkey Cisco solution comprises:
- Cisco Talos provides threat intelligence with updates on the latest threats.
- Cisco Secure Endpoint monitors users’ PCs and mobile devices network connections integrating prevention, detection, threat hunting and response capabilities with analytics.
- Cisco Secure Email detects, quarantines, investigates, and remediates cyberattacks that target enterprise email systems.
- Cisco Secure Cloud Analytics collects and analyzes network data to detect threats automatically that manage to infiltrate the perimeter, and even the ones that originate from within.
- Cisco Secure DNS offers advanced threat intelligence to protect against malicious URLs hosting ransomware.
MDR-Complete is available and is priced on a per-user basis based on the number of seats ordered by an organization. For more information: https://torchlight.io/solutions/managed-security-services/managed-detection-and-response/