Proper Protection

Should be Tailored

to your Business

In 2023 there was a collective 4.45

million lost due to data breaches. (Forbes)

 

The USA has the highest costs

for a data breach. (IBM)

 

The USA was the target for 46% of cyberattacks

that happened in 2020. (Microsoft)

 

Don’t leave your business at risk!

 

FlexMDR

FlexMDR is for the customers that want to actively monitor security and event logs direct from specific security or network products they have invested in.

FlexMDR's product integration to Vertek’s SOAR/SOC Platform, Management, Tuning, and MDR Operations are performed by Vertek. Vertek's FlexMDR services are provided on a 7 day 24 hour basis.

FlexMDR can provide detection and response across the IT environment and can be intergrated with 500+ products.

Premium capabilities in all MDR Service Packages:

The Vertek Flex MDR service continuously monitors clients’ networks and endpoints for any signs of malicious activity to quickly mitigate any threats before they do damage.

Clients’ organizations are continuously protected against the latest threats with Vertek’s team of security experts monitoring the threat landscape 24/7 and developing new methods to detect and respond to threats.

Automated response capabilities quickly contain and remediate threats, reducing the impact of a security incident and minimizing the time and resources required to recover from such an event.

Flex MDR includes detailed reporting and insights to monitor an organization’s security posture. Data identifies areas for improvement and the effectiveness of security measures over time, with the option to add-on Vertek’s Managed Threat Intelligence (MTI) Success Model.

Vertek’s Flex Managed Detection & Response (MDR) = all of the benefits from a world-class SIEM, plus enterprise-wide security coverage from a 24×7 Security Operations Center.

Incident Response

Vertek Active Response/ Automation Capabilities

Email Gateways
• Quarantine/delete email identified as having malicious content or content in violation of policy
EPP/EDR
• Terminate processes
• Delete files
• Get device info
• Isolate nodes
• Pull forensic data
• Hunt for Indicators of Compromise (IOCs)
• Lookup domain, file or IP address reputation
• Start EPP scans on remote nodes
• Reboot a device
• Rollback a device configuration to last known good state

Firewalls, IDS/IPS, Routers, SDWAN, Web Gateways, and VPNs
• Block traffic by port
• Block traffic by IP address / range
• Isolate nodes
IAM
• Get user info
• Suspend/delete user
• Force step-up authentication event
ITSM
• Get ticket info
• Create/update tickets
• Reassign tickets
• Close Tickets
SIEM
• Execute Queries

Services Backed by Monthly Analyst-Led Security Reviews

Review Detection

Operational Transparency:

✓ True Positives alarms by intent and time of day provide a window into the types of attacks your business is facing
✓ True Positives strategies by time of day provide a valuable approach to your
overall security plan
✓ Alarms by severity provides a quick reference into your security posture
✓ True positive alarm trends provides visibility into when more resources and focus may be needed

Review Response

Concise, Informative, Actionable:

✓ Average Center pick up time by severity
✓ Alarms resolution trend information
✓ Alarm deflection percentage
✓ Average resolution time by severity
✓ Alarms communicated by month

Document and Track

Monthly Incident and Action Dashboard

✓ Deployment Status & Environmental Changes
✓ Outstanding and Important Alarms, Vulnerabilities
✓ Service Tuning and Maintenace Tickets
✓ SIEM Total Events and Statistics
✓ Document Network Changes | Critical Vulnerabilities
✓ Generate and Track Client & Vertek Action Items
✓ Critical Prioritization and Remediation Guidance
✓ Track Client Signoff on SIEM Filtering and Suppression

FlexMDR Services

FlexMDR modernizes security operations capabilities- it can create, evolve or flex existing security stack

You will Gain 24/7 Managed Detection and Response Platform and Service capabilities

Your business will stay ahead of attackers with security POD – enabling resource agility, flexibility and scale

Customer Benefits of
Implementing FlexMDR

Reduced Risks of Data Breaches

Respond to Security Events

Document Security Incidents

Increase Peace of Mind

AutomationSLA (003)

Asset Visibility

Know who and what is connected to your environment

SIEM & Log management

Correlate and analyze security event data from across your network and respond

Detection and Response

Continuously monitor your Identities, Endpoints, Apps, Email and Docs, Cloud Apps and IoT devices

Security & Compliance Reporting

Customizable reports for regulation standards and compliance frameworks

Behavioral Monitoring

Powered by AI and ML, Identify suspicious behavior and potentially compromised systems

Threat Analytics and Compliance Reporting

Microsoft Watchlist and Phishing, Vertek OTX, PhishTank, IPQuality Score & VirusTotal