The expanded MXDR platform features four new modules for dynamic adversary intelligence, digital risk protection, threat hunting and mobile device security. “MXDR by Deloitte” now offers:
Cyber Security Intelligence (CSI). An expansion of the platform’s core intelligence body of knowledge, CSI data includes Deloitte’s own proprietary sources and tools, as well as CrowdStrike Falcon X automated threat intelligence. CSI provides actionable Indicators of Compromise (IoCs), threat notifications, threat actor profiles, industry landscapes, automated sandbox analysis, as well as threat briefings requests for information (RFIs).
Dynamic Adversary Intelligence (DAI). The DAI module assists clients as they conduct over-the-horizon adversary investigations. DAI uses the open web without the need to deploy sensors into a client environment. It also collects intelligence data from the dark web, ransomware, cryptocurrency and network enumeration of malicious cyber actors and nation states. The module can help organizations improve the relevancy and expand the intelligence data they use in security decision-making.
Digital Risk Protection (DRP). The DRP module offers a channel through which organizations can follow their external “digital footprints” across the open, deep and dark webs, including mobile apps and social media. It alerts organizations to threats, such as potential intellectual property exposure, and also when potential email, credential, brand and other misuse are found.
Active Hunt and Response (AHR). The AHR module delivers next-level active hunting capabilities, inclusive of Deloitte’s own analytics. A new dissolvable, in-memory hunt sensor offers a distinct method to collect telemetry, engage and defeat adversaries silently. AHR can be deployed via the full platform or as a stand-alone on-site capability for specific client mission needs.
Mobile Prevent, Detection, and Response (MPDR). As mobile device management programs can struggle to keep pace with security needs for growing and diversifying on-network mobile devices, Deloitte has expanded proprietary hunt capabilities offered for mobile within the MPDR module. The module is now also fully integrated with CrowdStrike Falcon for Mobile Endpoint Detection and Response (EDR) and CrowdStrike’s mobile threat defense (MTD).
Deloitte’s earlier MXDR modules included: prevention, detection and remediation for endpoints; cloud security workloads; identity; insider threat, proactive hunting, intelligence, attack surface and vulnerability management; and unified XDR log and analytics management.
MXDR’s Proactive Defense and Intelligence Capabilities
“As the threat landscape continues to change rapidly, we want to offer our existing and future clients’ access to what we call the ‘next generation’ of threat intelligence and threat hunting capabilities. With this new MXDR expansion, we focused on helping organizations take a more proactive defensive posture in their cyber programs — whether they choose to do so via our whole platform or use of just a few of our MXDR modules.”
The announcement follows Deloitte’s release of the Zero Trust Access managed security service to help organizations secure communications between end-users across their devices and applications, as reported by MSSP Alert on July 11.