Managed Threat Response is: Protection | Detection | Response
The first line of defense in a good security system is protecting your endpoints. Your endpoints are your desktops, laptops, other mobile devices and your server. Primary protection of these devices is done through an advanced anti-virus, anti-malware and anti-ransomware product that includes artificial intelligence. This is the foundation of a good security system.
Having advanced endpoint protection is critical, but it is not enough any more. The cyber criminals are doing a lot more than just trying to get you to open an infected file. They are using different tactics, which requires different defenses. These different tactics enable them to sneak past your anti-virus and firewall. Once they are past your defenses, they lay low and are nearly invisible. This has been happening over the past several years.
In order to combat this type of intrusion, “threat hunters” are used to detect the inconsistencies on your network, indicating potential threats that need to be neutralized.
Once hidden threats are found that the anti-virus wouldn’t ever notice, the response team will initiate actions to disrupt, contain and neutralize the threats.