Falcon Complete (MDR)

1. Prioritization

Managed prioritization helps organizations that struggle with the daily effort of sifting through their massive volume of alerts determine which to address first. Often referred to as “managed EDR,” managed prioritization applies automated rules and human inspection to distinguish benign events and false positives from true threats. The results are enriched with additional context, and distilled into a stream of high-quality alerts.

2. Threat Hunting

Behind every threat is a human being who’s thinking about how to avoid being caught by their targets’ countermeasures. While machines are very smart, machines are not wily: a human mind is needed to add the element that no automated detection system can provide. Human threat hunters with extensive skills and expertise identify and alert on the stealthiest and most evasive threats in order to catch what the layers of automated defenses missed.

3. Investigation

Managed investigation services help organizations understand threats faster by enriching security alerts with additional context. Organizations are able to more completely understand what happened, when it happened, who was affected, and how far the attacker went. With that information, they can plan an effective response.

4. Guided Response

Guided response delivers actionable advice on the best way to contain and remediate a specific threat. Organizations are advised on activities as fundamental as whether to isolate a system from the network to the most sophisticated, such as how to eliminate a threat or recover from an attack on a step-by-step basis.

5. Remediation

The final step in any incident is recovery. If this step is not performed properly, then the organization’s entire investment in its endpoint protection program is wasted. Managed remediation restores systems to their pre-attack state by removing malware, cleaning the registry, ejecting intruders, and removing persistence mechanisms. Managed remediation ensures that the network is returned to a known good state and further compromise is prevented.