MANAGED DETECTION & RESPONSE | MDR

Risk-aligned Operational Resilience

Internationally recognized turnkey threat detection and response service that helps organizations to manage operational risk and significantly reduce the mean time to detect and respond to cyberattacks. At Obrela, we identify, predict and prevent cyber threats in real-time. As a Service. Personalized. On-Demand.

We protect clients through a combination of MDR products, selected according to their size, technology stack and security profile, that can cover a wide range of needs and security requirements.

ACCESS THE GARTNER MDR GUIDE

Obrela has been included in Gartner's MDR Market Guide. Download to learn more about the latest MDR Service providers

  • OVERVIEW

    Our MDR is a mission-critical service that combines artificial and human intelligence to dynamically protect your digital universe and digital assets by identifying, predicting, and preventing cyber threats in real-time.

    Utilizing a cloud-native PAAS technology stack, our purpose-built Global and Regional Cyber Resilience Operation Centers (ROCs) provide continuous visibility and situational awareness to ensure the security and availability of your business operations. When cyber threats are detected, rapid response services ensure operational resilience is restored and maintained with minimal client impact.

MDR PRODUCTS

  • MDR Core services based on Endpoint Detection and Response (EDR) are designed to provide organizations with continuous monitoring, detection, and response capabilities at the endpoint level.

    • 24×7 Managed Detection & Response
    • Comprehensive endpoint security
    • Advanced threat detection
    • Active response to security incidents
    • Compliance with industry regulations
    • Cost-effective solution
    • Endpoint and Server real-time detection and response
    • Scalable threat detection technology stack
    • On Demand coverage.
  • MDR INFRA is a service designed to provide comprehensive protection against advanced cyber threats and attacks that target critical infrastructure components.

    • 24×7 Managed Detection & Response
    • Comprehensive visibility and readiness 
    • Scalable threat detection technology stack
    • Built-in Automation and Orchestration
    • MITRE ATT&CK framework
    • 3D Visibility
    • Unlimited Breadth and Depth
    • Interoperability Guarantee.
  • MDR Cloud provides 24/7 Managed Detection and Response for your Microsoft Cloud Ecosystem. With machine learning at its core, MDR Cloud ensures that data are parsed and monitored on a real-time basis.

    • Advanced Threat Detection 
    • 24×7 Managed Detection & Response
    • Comprehensive Visibility
    • Scale on Demand
    • Custom Client content development
    • Data Residency
    • Rapid Customer onboarding
    • Intelligence Driven MDR.
  • MDR for Vessels is purpose-built to address maritime cybersecurity challenges by providing a comprehensive cybersecurity solution that covers both Vessel IT and OT systems. MDR for vessels provides the highest level of protection against cyber threats and helps to minimize the risk of cyber incidents that could disrupt vessel operations or compromise sensitive data.

    • Real-time Signature and Anomaly Based Threat Detection
    • Alerts Criticality Prioritization
    • OT Security Monitoring Integration
    • Honeypot
    • Bandwidth Management
    • Solution Remote Access
    • Vessel Logs Routing
    • Web UI.
  • MDR for OT offers extended detection and response (XDR) that is rapidly deployed and works with diverse endpoints, IoT, OT, and industrial control system (ICS) devices. MDR OT takes security to the next level by looking at the devices on the network, which is where most attacks are aimed. Active Threat Detection discovers devices, then uses native language queries to classify all OT assets, even when they aren’t communicating on the network.

    • Advanced Threat Detection 
    • Deep Situational Awareness
    • 24×7 Managed Detection & Response
    • Compliance with industry regulations
    • Cost-effective solution
    • Comprehensive Tracking
    • Interoperability
    • Asset Management.
  • MDR for the BRAND is an integral service to Obrela MDR products providing protection for all client external digital risks. It is supported by a 24×7, full-spectrum external threat intelligence, protection and response solution that provides comprehensive visibility and protection across the surface, deep and dark web.

    Our MDR Brand service covers:

    • Threat Intelligence
    • Credential Exposure
    • Impersonating Domains
    • Certificate Issues

    plus any of the following add-on modules:

    • Data Loss Detection (DLD)
    • Online Brand Security (OBS)
    • Attack Surface Reduction (ASR)

    The customer may select any combination of the above add-on modules on top of the core components.

MDR OVERVIEW

    MDR CORE

    • Endpoint Protection
    • Events Management
    • Active Response

    MDR INFRA

    • Threat Intelligence
    • Events Management
    • Compliance
    • Analytics
    • Infrastructure Protection

    MDR CLOUD

    • Events Management
    • Compliance
    • Threat Management Stack
    • Cloud Protection

    MDR OT

    • Compliance
    • Critical Infrastructure
    • OT Protection

    MDR VESSEL

    • Cross Border Correlation
    • OT & IT Visibility
    • Vessel Protection

    MDR BRAND

    • Intelligence
    • Emerging Threats Visibility
    • Digital Asset Protection

SERVICE CAPABILITIES

  • SOCaaS

  • Blue Team Support

  • Threat Hunting

  • Incident Response

WHY OBRELA MDR

MDR provides a cost-effective, on-demand solution that delivers the outcomes without the operational challenges, so clients can confidently focus on their core business.

  • Risk Based Approach

    Manage and mitigate threats based on the business risk. We prioritize the most important issues in real-time, so you make focused decisions.

  • Real-time visibility over your digital universe

    A single pane of glass that offers extended detection and response (XDR) that works across complex digital infrastructures with diverse endpoints, IoT, OT, and industrial control system (ICS) devices.

  • Cyber Security As a Service Model

    Our SAAS based MDR model removes the barriers to entry offering a service experience based on outcomes with predictable pricing and no hidden costs.

  • Adaptive

    Our MDR platform can easily adapt to the client’s security requirements.

  • Artificial and Human Intelligence combined

    MDR leverages AI-powered risk management and automation technology along with human-led analysis and threat hunting to deliver a comprehensive solution.

  • 24x7 Protection

    Fully staffed Global and Regional Resilience Operation Centers engage with customer data daily and have the skills to ensure continuous and uninterrupted monitoring as well as Emergency Response.

  • Unified Operations and Service Provisioning Fabric

    As the single point of service for our MDR solutions, SWORDFISH provides a unified and technology-agnostic SOAR and service provisioning fabric for our clients’ operations. Obrela delivers superior protection and faster incident response times to maintain a strong security posture.

  • Continuous Algorithmic Development

    With embedded Obrela proprietary Hardcore© Content that embodies 10+ years of continuous research, ongoing algorithmic development and experience in operational security, we serve multiple clients and many industries across the globe.

  • Proactive Approach

    The MDR Services encompass both reactive activities and proactive measures. Proactive measures aim to enhance real-time threat detection.

  • Detection of Emerging and Unknown Threats

    We constantly develop and improve our algorithms to ensure accurate and timely identification of evolving, emerging, and zero-day threats.

  • Digital Surface Exposure management

    We aim to prevent attacks by reducing the digital surface exposure in the customer’s environment, user accounts and cloud applications.

  • MDR Service Governance

    Service Governance is ensured through the Customer Security Success Manager, who serves as the point of contact for understanding clients’ needs and security requirements.

  • Alert context associated with Cyber Kill Chain and MITRE ATT&CK framework

    Enhances threat detection, facilitates response planning, and promotes continuous improvement in cybersecurity.

SERVICE CAPABILITIES

MDR services combine technology, expertise, and proactive monitoring to provide organizations with a comprehensive suite of capabilities to detect, respond to, and mitigate cyber threats. By leveraging these services, organizations can bolster their cybersecurity defenses and effectively combat sophisticated and evolving threats.

SERVICE OVERVIEW

As a mission-critical component of our Managed Detection and Response (MDR) service, Obrela’s SOC-as-a-Service (SOCaaS) delivers real-time situational awareness and protection against cyber threats. Our next-generation global and regional Resilience Operations Centers (ROCs), staffed by highly experienced security and threat analysts, operate on a 24/7/365 basis to detect and mitigate potential security threats early in the attack lifecycle.

SERVICE OVERVIEW

The objective of Blue Team Support is to provide Global and Regional Resilience Operation Centers with the assistance needed for effective incident management, escalation, and mitigation. This approach allows SOC teams to focus on their primary mission of continuous threat monitoring and incident response, improving operational efficiency and resource optimization. Blue Team Support is a specialized security operations function designed to bolster Obrela’s Resilience Operations Centers (ROCs) on a global scale.

SERVICE OVERVIEW

Threat hunting services combine knowledge, intuition and automation to proactively search for covert signs of an active or attempted compromise. Leveraging advanced analytics and threat intelligence to investigate and manage malicious activities for our clients, Obrela’s Threat Hunting team actively performs advanced Threat Hunts to identify threat actors, gaps in the organization’s infrastructure, and security areas for further fine-tuning. By combining the power of MDR with proactive threat hunting, we deliver comprehensive security coverage, enhanced threat detection, and rapid incident response to ensure your organization is well-equipped to combat sophisticated cyber threats.

SERVICE OVERVIEW

Proactive Incident Response ensures fast response to and mitigation of cyber threats and is provided as part of the MDR service. With a Mean Time of less than 15 minutes, our SOC Analysts and global Threat Hunting teams rapidly respond to investigate, contain, and mitigate threats.
Obrela is approved under the recognized UK national body CREST Cyber Security Incident Response (CSIR) scheme.

SERVICE OVERVIEW

The Platform Engineering and Support team handles all preventive maintenance and operations-driven technical tasks related to the Swordfish SaaS platform, the customers’ CPE, and integrations with their systems. Customers reach the team via Swordfish SRM for technical requests.

SERVICE OVERVIEW

The Advanced Computer Security Incident Response team (CSIRT) provides support and guidance for eradication and containment of security incidents. An incident response capability also helps in dealing properly with legal issues that may arise during incidents.

  • TECHNOLOGY STACK

    Designed to revolutionize threat detection, response, and remediation across a wide array of security tools and platforms, our cutting-edge OPEN XDR Technology Stack creates a seamlessly unified ecosystem, providing unprecedented levels of visibility, detection prowess, and incident response efficiency.

  • OPEN XDR TECH STACK

    Obrela’s Open XDR Threat Detection Stack is a comprehensive multi-tenant platform developed by MDR professionals. Operated 24x7x365, our state-of-the-art Open XDR Platform proactively monitors network systems and applications, looking for suspicious activity and notifying when security events require additional analysis, investigation, or action. The advanced real-time correlation and behavioral analysis capabilities of our platform identify the relevance of any given event by placing it within the context of who, what, where, when and why that event occurred, in order to derive its impact in business risk terms.

  • REVOLUTIONIZING THREAT DETECTION

    Open XDR Threat Detection Stack:

    • Enables security data processing and precise reporting at scale.
    • Unleash the full potential of your security infrastructure as our MDR Technology Stack harmonizes diverse security technologies, enabling them to work in perfect synergy.
    • Gain a holistic understanding of your security landscape, uncover hidden threats and respond swiftly to incidents with confidence.
    • Is highly scalable and can be extended to cover your complete digital universe.

TECHSTACK CAPABILITIES

Our advanced security technology stack leverages real-time human-augmented machine learning and threat analytics to deliver early detection of cyber threats. Designed with a focus on understanding the “attack logic” and exploitation path of advanced and determined adversaries, our solution harnesses powerful machine-learning techniques and encapsulated offensive and defensive expertise to continuously analyze and model relevant activity.

The technology uses modern techniques such as telemetry and APIs to exchange data and instructions over the digital universe, independently of the underlying technology stack and logical layers such as cloud, data centers, and digital assets. With over 1,000 collection methods available, the SWORDFISH DATA BUS enables comprehensive visibility across the entire customer attack surface, providing valuable insights.

Our exposure management service enhances detection capabilities by combining the latest threat intelligence with a deep understanding of the digital surface. This allows us to develop an accurate, prioritized list of current vulnerabilities, limiting exposure to both known and unknown threats.

Our technology stack is cloud-native and designed with a security-optimized data architecture that unifies the ingestion, parsing, and analysis of security data. This allows our platform-as-a-service (PAAS) architecture to dynamically scale, compute, and reserve resources as needed, ensuring maximum efficiency and security.

The technology stack provides Real-Time Threat Intelligence by parsing and fusing structured and unstructured security data from clients with global threat intelligence. This generates actionable intelligence for new, emerging, and advanced security threats, giving clients a unique advantage in predictability, preparation, and response.

The SWORDFISH® Platform orchestrates the threat detection and response process, integrating existing service and ticket management systems that help clients implement and turn up services to support the activities performed and the outcomes being delivered.

Multitenant by design, Obrela allows for full multitenant views and dashboards, along with role-based access control and efficient user provisioning and management for the simultaneous support of multiple monitored environments.

Efficient and seamless two-way integration with existing client security SOAR, workflow and ticketing systems.

Our platform has the ability to perform “forensics on the fly”, run ultra-fast searches of raw and structured log data with speeds to Million Events per Second, without any concerns regarding technology risks, deployment, storage size monitoring, scalability, security, and performance, reducing hours of manual effort.

INTEGRATION AND INTEROPERABILITY

Our data collection layer incorporates technology for source-optimized, enterprise-scale collection models across diverse security and transactional silos:

Integration with Log Data and Transactional Sources | Native integration with Obrela XDR technologies | Cyber Intelligence

  • Library of OOB (out of the box) log collectors
  • Complete auditability solutions across Cloud Providers Tenant, IaaS, PaaS resources
  • Integration with SaaS Platforms
  • Specialized log integrations for industries such as Telecom
  • Integration with custom-built enterprise applications and legacy software
  • Ability to utilize modern technologies like Elastic datastores, queues, balancers, etc. through SecDevOps

DIGITAL UNIVERSE REPORT

Obrela’s data correlation capabilities, combined with our deeply sophisticated analysis, result in a unique insight into the threat landscape (Highlight stats for H1 2023).

  • Increase in "Inadvertent Actors" Attacks

  • Increase in "Malware Infection/Delivery" Attacks

  • of Attacks target 'Banking & Finance' sectors

  • of Attacks in "Oil & Gas and Energy" sectors target OT environments

  • concern "Lateral Movement", of total cases escalated