Here at Ingalls, we are committed to the evolution and continual improvement of all our service offerings. Recently, our Managed Detection and Response (MDR) service was expanded to include:
Significantly Increased Incident Response Discovery Hours.
All MDR clients now receive twenty hours per incident for Incident Response Discovery, at no additional cost. This represents a five-fold increase over the discovery hours previously provided and is appreciably more than what is provided by most MDR providers.
“In the past year, we have seen a huge shift in the active exploitation of zero-days,”
says Ingalls SOC Director and Incident Response Lead, Cyrus Robinson. ProxyLogon, Kaseya/REvil, ProxyShell, ProxyNoShell, ManageEngine AD Self Service Plus, Log4Shell, the list is ever-growing. Ingalls recognized that our client’s threat environments are rapidly changing and we’ve expanded our MDR offering in response. Ingalls now performs increased discovery to determine our client’s zero-day level of exposure.
In addition, anytime a client had shown serious anomalous activity or had reason to suspect a compromise, our teams spent extended hours performing compromise assessments. Since we were already performing this level of enhanced incident response discovery we decided to make the increased Incident Response Discovery a formal MDR feature.
Dark Web / Breach Monitoring.
All MDR clients now receive Dark Web/ Breach Monitoring as part of their MDR service, at no additional cost.
Dark Web monitoring involves searching for confidential information in areas of the internet not indexed by traditional search engines. This area of the internet, known as the Dark Web, is known to be frequented by cybercriminals.
Ingalls Dark Web/ Reach Monitoring protects MDR clients by providing early detection of compromised confidential information. To provide this level of enhanced protection, Ingalls:
- Monitors for compromised user credentials including email addresses, user names, and passwords
- Analyzes data to determine if it belongs to high-risk privileged users
- Observes data breach forums, enabling advance warning of attacks being planned or in early execution
- Provides alerting when compromised credentials are discovered on the dark web allowing for faster response and more efficient risk mitigation
- Funnels discovered threat data into the MDR security stack to provide comprehensive protection for all MDR clients
- Provides the Ingalls SOC with the capability, on an as-needed basis, to investigate for references to client domains, email addresses, IP addresses, credit card numbers, etc. in sources that include:
- Tor darknet sites/hidden services (.onion domains)
- I2P darknet sites/eepsites (.i2p domains)
- Paste sites (pastebin.com, hastebin.com, etc.)
- WikiLeak Sites (WikiLeaks, Cryptome, etc.)
- Discovered Public Data Leaks
- Discovered Private Data Leaks
- Public Web sources including (.ru Russian TLD, .de German TLD, .gov US government TLD, .kp North Korean TLD, .peer Decentralized blockchain TLDs)
How Ingalls Information Security Can Help
Ingalls Information Security understands cybersecurity. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks.
Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection, and response guidance leveraging a defense-in-depth approach. We do this by utilizing the very latest in cloud, big data analytics technology, and machine learning along with the cybersecurity industry’s leading incident response team, to identify threats to your environment.
If you’d like to learn more, please download our MDR Guide, check out our Blog: MDR, What’s it All About, or contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have.