Bitdefender has introduced a managed detection and response (MDR) service that combines solutions from its security portfolio with outsourced incident response assistance.
The new offering, which began a phased rollout this week, is designed to help MSPs manage a never-ending torrent of alerts more effectively by offloading some of that task to a skilled third-party.
“They need experienced security analysts to really help them investigate those alerts and be efficient in responding to incidents,” says Alina Draganescu, senior director of security for managed service providers at Bitdefender.
Subscribers to the service receive the vendor’s GravityZone Ultra endpoint and network protection platform, which includes endpoint detection and response functionality, and its Network Traffic Security Analytics solution. Those systems, which both draw on Bitdefender’s back-end threat intelligence engine, feed telemetry to a security operations center in San Antonio offering 24/7 monitoring and incident response services, as well as proactive threat hunting scans.
“This is not only reactive service provisioning,” Draganescu notes.
Real-time and monthly reporting data is included as well, along with endpoint risk analytics, security policy tuning guidance, and access to a security account manager.
There are two subscription options. One, called “expert advice,” suggests mitigation steps after attacks that users can implement themselves. Aimed at larger organizations with some degree of security know-how, the service leaves MSPs in complete control of customer infrastructures.
“The MSP can actually fully manage their end customer environment while the Bitdefender MDR team provides curated recommendations for the MSP to take during a potential customer incident,” Draganescu says.
The other option, called “expert response” and targeted at smaller MSPs with less in-house expertise, includes outsourced remediation support. “[It] gives the Bitdefender MDR team the ability to perform real-time changes in the customer environment when security incidents are identified,” Draganescu says. Those actions are limited to a specific set of interventions approved by the MSP in advance.
The expert advice service is available now. Expert response will reach market by end of August. Both services employ usage-based, pay-as-you-go pricing.
According to Draganescu, MSPs can employ MDR services from Bitdefender to reinforce and extend the protection they offer customers. “Some of them are not really able to provide 24 x 7 capabilities, but on the other hand their end customers expect 24/7 protection,” she notes.
At a time when MSPs themselves are increasingly under attack from cybercriminals, subscribers can also use the service to better defend their own environment. “We can provide the MDR services for the MSPs themselves,” Draganescu notes.
Other providers of MDR services include ConnectWise, Arctic Wolf, SOCSoter, and eSentire. Sophos introduced a managed threat response service as well last October.
Earlier this month, Bitdefender added “human risk analytics” functionality to GravityZone that monitors individual user behavior and factors potentially dangerous actions into an organization’s overall risk profile.