To assess threats, NetSafe® MDR analyzes all activity on your devices. It uses AI to differentiate between legitimate and suspicious actions, moving them through a progressively more intense evaluation process.
Total Events
This is every single event the platform ingests. For most businesses, this is a large number since a significant portion of these events are just normal, legitimate activities.
Escalated Events
This smaller group consists of events identified as unusual or anomalous. These events, typically 5–10% of the total, warrant a closer look. Often, our system can contain potentially problematic activity to prevent further issues.
Investigated Events
These are the events that require a deeper analysis from our Security Operations Center (SOC). This is a very small number of activities.
Responded Events
These are the events the SOC has confirmed as legitimate threats. At this stage, the SOC works to remove the threat and minimize any damage.
You will receive a monthly report detailing all activity. If an event escalates into an active threat, we will notify you right away.
NetSafe MDR's system is designed to find threats using tactics and techniques outlined in the MITRE ATT&CK framework, a database of known behavior. It proactively looks for suspicious activities like remote access, changes to systems, and credential modifications. By using constantly updated rules, NetSafe MDR can quickly analyze activity and identify potential issues.
