Endpoint Detection & Response
Organizations are facing ever-increasing challenges when it comes to securing endpoints: short device lifecycles, constant software updates, growing data volumes and employees who want more flexibility, connectivity and mobility.
Microsoft Defender for Endpoint combined with terreActive's Managed EDR services provides your organization with protection against threats and gives you peace of mind to face the challenges mentioned above.
- Visibility: Detect threats and vulnerabilities
- Real-time: Immediate response to attacks around the clock by terreActive's Incident Response Team
- Tuning: Continuous monitoring of whether all security solutions have been implemented correctly, are working properly and are up-to-date
- Minimize complexity and cost of IT management through EDR services and automation
- Gain time to focus on strategic tasks
- EDR protects where most attacks happen, directly on the client.
- EDR allows a fast rollout and can be extended with additional solutions (e.g. SIEM) at any time.
- EDR offers detect & respond in one.
- Managed EDR conserves your own resources and gives you access to our SOC expertise.
More security by combining detection, service and automation
The EDR solution allows you to build a comprehensive cyberattack detection capability in a matter of weeks, providing SOC specialists with all the information they need to successfully combat attacks. Automation makes it possible to react in seconds instead of hours and helps to stop attacks immediately!
Modular Service Catalog
Deployment options of Defender for Endpoint
Quickly up and running: Relieve your internal IT with managed EDR services.
In addition to threat detection, Microsoft Defender for Endpoint offers options for orchestrating and automating workflows. In combination with terreActive's Managed EDR Services, you can relieve your internal IT of boring routine tasks to the greatest possible extent. The following services, among others, are available to you from our modular service kit:
Our security analysts take over the classification of various security incidents or the correlation of EDR alerts with other log sources. Daily monitoring of the customer infrastructure is a must here.
Here our focus is on reducing false alarms within the customer's system. We sharpen Defender's detection mechanisms by classifying alarms, resulting in fewer alarms being generated in the long term. Our tuning continuously increases your security.
Defender for Endpoint already comes with Auto Investigation and Remediation. Our SOC team will recommend tasks that can be automated and select the level of automation that is right for you. Tasks that cannot be automated are handled by security engineers from terreActive's Incident Response Center.
Vulnerability detection is an important area of Microsoft Defender for Endpoint. Our security analysts prioritize based on severity, number and importance of affected devices and initiate appropriate measures. Our Vulnerability Reporting provides timely warning of vulnerabilities and in-depth reports support the development of your systems.
Microsoft Defender for Endpoint at a glance
MS Defender for Endpoint combines various technologies from the Windows 10 operating system and the MS Cloud:
- Endpoint behavioral sensors
- Cloud security analytics
- Threat Intelligence
In your private cloud instance of Defender, behavioral signals are collected, analyzed, and then translated into threat insights, detections, and recommended responses.
Threat intelligence feeds generated by Microsoft and supplemented by partners enable Defender for Endpoint to identify attacker tools and techniques and send alerts.
Broad EDR coverage
terreActive provides managed services not only for or with Microsoft Defender for Endpoint. The practical knowledge gained from other EDR solutions, e.g. Cybereason, also flows into the daily work of our SOC team and benefits all customers across all products.
You already have an EDR?
You have already installed an EDR, but you lack the resources to handle the detected incidents and investigate them in detail? We close this gap and support you selectively with our analysts. This is what we bring to the table:
- 25 years of SOC experience
- Cyber security engineers and analysts in Aarau and Zurich
- Well-rehearsed processes for combating attacks
- Partnerships with leading EDR vendors, including Cybereason and Microsoft