Endgame, an endpoint protection platform provider, and MSSP Expel have launched MDR (managed detection and response) services that offer round-the-clock monitoring, threat detection, incident response and threat hunting capabilities.
The two services -- Expel 24x7 for Endgame and Expel hunting for Endgame -- are built on the Endgame endpoint protection platform, which protects organizations against exploits, malware, fileless attacks and ransomware. The platform also delivers online and offline protection, along with analytics and visualization capabilities.
In addition, Expel 24x7 for Endgame and Expel hunting for Endgame allow organizations to proactively hunt for cyber threats in IT environments and address the root cause of recurring incidents, the companies assert. Both services are backed by Expel security analysts who monitor organizations' IT environments, detect cyber threats and filter out false-positive alerts.
What Are Endgame and Expel?
Endgame unifies threat prevention, detection and hunting. It enables MSSPs and other partners to offer a variety of cybersecurity services, including:
- Compromise Assessment: Offers an analysis of an active or recent security breach in an IT environment.
- Incident Response: Enables organizations to quickly respond to cyberattacks; Endgame offers continuous and emergency incident response services.
- Managed Endpoint Detection and Response (EDR): Provides continuous endpoint threat monitoring and prevention.
- Managed Threat Hunting: Delivers threat hunting as a service to stop cyberattacks that bypass an organization's security technologies.
Expel provides a "transparent" managed security service, according to the company. It combines the Expel Workbench interface and security monitoring, enabling organizations to work with security analysts to identify and address cyberattacks.
Key features of Expel's transparent managed security service include:
- Alerting: Provides a timeline that shows what happened before, during and after a security incident.
- Dashboards: Track the performance of a company's security analysts and identify improvement areas.
- Investigation and Response: Offers insights into security incident investigations.
- Monitoring: Ensures 24×7 threat monitoring of IT environments.
- Threat Hunting: Delivers proactive hunting for malicious activity in IT environments.
Expel also uses a SOC-as-a-service (SOCaaS) model that enables organizations to offload routine security monitoring so their own security teams can focus on key risks, the company noted. That way, Expel customers can leverage SOC capabilities without significant cost and time investments.