Uncover hidden risks and unknown threats in minutes, not days. A managed service that empowers your security operations with behavioral analytics that improve your cyber resilience. It can ingest telemetry from endpoints, networks, clouds and other sources. The service is 97% noise free and is not simply another alerting service: it provides you with access to threat hunters, incident responders and digital forensic investigators.
OpenText Managed Extended Detection and Response (MxDR)
SERVICE OVERVIEW
Managed Extended Detection & Response (MxDR)
Uncover hidden risks and unknown threats in minutes, not days
OpenText Managed Extended Detection and Response (MxDR)
integrates with leading technologies and is built on 30 years of
digital forensic and incident response expertise.
OpenText MxDR security personnel each have more than 20
years of experience working as threat hunters, and on breach
response investigations and malware analysis engagements.
This extensive experience and understanding of threat actors’
behavior using tactics, techniques and procedures (TTPs)
leads to faster time to value and identification and remediation
of risks. OpenText continuously builds on this experience
by improving its detection and response capabilities and
developing advanced algorithms for threat modeling.
• 137 million secured end points
• 99.99% uptime in our cloud
• 100,000+ customers
• 89 of the 100 largest companies in the world use OpenText
Advanced threat detection & analytics
From the OpenText virtual Security Operation Center (VSOC), OpenText MxDR
provides comprehensive 24x7x365 security monitoring supported by machine
learning and MITRE ATT&CK behavioral analytics and detection. OpenText’s next-gen
cloud-based Security Information and Event Management (SIEM) can ingest any
log source and develop correlations from telemetry collected on desktops, laptops,
servers, firewalls, IoT devices, Intrusion Detection Systems (IDS), proxies and other
telemetry sources using artificial intelligence and advanced workflows.
OpenText continuously develops custom content in its SIEM based on its threat
research, delivering a 99% detection rate and 30-minute mean time to detection
(MTTD). Response can be automated based on alert criticality to ensure the fastest
path to threat remediation, while remediation and, most importantly, the validation
of threats can be controlled in a hands-on fashion. Advanced threat detection
and analytics will provide deep insights into where threats originate and the overall
impact to the business.
Integrated threat intelligence
OpenText MxDR leverages multiple technologies that differentiate it from other
providers. One of these technologies, threat intelligence, is integrated with OpenText’s
next-gen SIEM, helping the business understand the scope and impact of any
security event. BrightCloud threat intelligence also allows the correlation to be drawn
between data sets of known malicious files and data points identified from ingested
log sources. Having threat intelligence directly integrated allows for immediate threat
validation to known malware. In addition, endpoint and network technologies are
integrated into the solution with people, processes and procedures in the event of a
0-day or targeted event.
Alert validation & noise reduction
OpenText workflows are unmatched in the industry and can reduce alert and event
noise by up to 97%, leaving analysts and security personnel more time to focus on
patching, upgrades, configurations, etc. Organizations benefit from OpenText’s
ability to correlate data effectively, while a reduction in event noise and false positive
alerts saves analysts’ time, provides confidence in findings and increases accuracy
of threat identification.
OpenText MxDR
• 97% alert noise reduction
• 99% detection rate
1. Onboarding
   a. Telemetry ingestion
   b. Relay and agent deployment
   c. XDR deployment and configurations
   d. Ticketing system integration
2. Platform customization
   a. Platform optimization
   b. Alert configuration
   c. Dashboard creation
   d. SOAR enrichment
3. Advanced detection
   a. Creation of custom content (TTP)
   b. 24x7x365 monitoring and realtime detection
   c. MITRE ATT&CK® detection rules
   d. Threat intelligence
   e. Advanced threat hunting
4. Response
   a. Rapid incident response
   b. Malware remediation
   c. Root cause analysis
   d. DFIR services
Managed Extended Detection & Response (MxDR) by OpenText
OpenText MxDR services are designed to provide confidence in detecting unknown
risks and threats before they can do damage to a business. They provide:
• Faster time to detect and respond to threats
• Threat correlation and analytics
• Realtime detection and automated alerting
• Daily automated reporting
• Advanced workflows
• Custom IOC creation
For more information contact us at securityservices@opentext.com
MxDR Enterprise
Data sources
Endpoints, servers, web servers and cloud-based systems ✓
Enterprise (N/S) firewall ✓
Office 365® audit logs ✓
Cloud audit logs ✓
Proxy ✓
MxDR features
400+ TTPs ✓
24x7x365 threat detection monitoring ✓
MITRE ATT&CK detection condition sets ✓
AI/Machine learning/Behavioral detection ✓
SIEM, EDR, network relay ✓
Realtime detection ✓
Realtime alerting ✓
Threat intelligence service ✓
Threat hunting ✓
Incident response ✓
Training ✓
Custom content development ✓