NEW PRESS RELEASE: SOD Awarded $2.2 M Grant to Futher Develop AQ Technology | Click Here
Linkedin
Twitter
Envelope
logo-horizontal-white

What is ThreatWatch RAR?

ThreatWatch RAR is our fully-integrated Response & Remediation service that ties threat detection to action.

“Time-to-Detection” is everything when detecting cyber threats. If you cannot detect threats early and then respond quickly, you are not getting the most out of your MSSP or solution. Take back the control or give control access to our SOC to isolate, disconnect, and manage any devices affected by a cyber attack.

What's included in ThreatWatch RAR?

ThreatWatch Response & Remediation (RAR) provides you with orchestration capabilities such as containment and quarantine actions. The RAR service allows the SOC to perform forensic examinations of endpoints and servers that exhibit malicious activity and then to take action on the information that has been gathered during the investigation. 

ThreatWatch RAR is provided as an add-on service to ThreatWatch MDR and is provided as an enhancement to the core threat analytics service. The endpoints and servers you would like to use on the service can be configured to use and agent-based or agent-less approach to taking orchestrated actions.

Beyond Managed Threat Detection & Response, the ThreatWatch RAR service includes the following:

  • Targeted Threat Analysis of your endpoints in question to validate potential threats or malicious activity.
  • A Response and Containment process built to identify the given risk and to then allow appropriate action to be taken based on the investigation.
  • Tuning of the response and remediation process with quarantine exclusions given by the client to ensure efficacy.
  • Response Coverage provided by Security On-Demand's 24x7x365 Security Operations Center.
  • Client Portal Access to give visibility into all investigations and actions taken by the SOC or requested actions by your organization.
  • Regular Reports can be provided on a monthly basis via the Client Portal that provides information on alerts and events.

How ThreatWatch RAR Works:

Correlate Such Activity With Logs, Alerts, And Other Information Received
Direction Arrows
Monitor The Alerts, Logs, And Output Provided By The Advanced Threat Hunting Activities
Direction Arrows
Validate The Threat As Part Of The Triage And Investigation Process
Direction Arrows
Tune And Provide Continual Feedback To Ensure That Normal System Behavior Is Baselined

FOR MORE INFORMATION, DOWNLOAD OUR SERVICE OVERVIEW.

WE LOOK EVERYWHERE TO FIND ALL THE THREATS

Get Service Overview

See what ThreatWatch RAR can do for you:

Fill out the form below for a 1-hour Engineering Consulting Session with one of our experts: