Palo Alto Networks this week announced the immediate availability of Unit 42 Managed Detection and Response (MDR), a service providing on-call cybersecurity specialists to track and respond to security threats in real time.
The idea is to back Palo Altoās existing automated Cortex extended detection and response (XDR) platform with human expertise, dedicating members of the companyās threat response team and others to minimizing unnecessary alerts and prioritizing those from serious threats. Itās a response, the company said in a statement, to an increasingly advanced and complicated threat environmentāas well as an in-house security landscape that, in many cases, hasnāt matured to match.
It's the lack of cutting-edge expertise that makes security a particular challenge for so many organizations, noted Palo Alto senior vice president Wendi Whitmore in the statement.
āAs cyberattacks continue to rise, many organizations are being asked to handle advanced threats with limited resources and without the right expertise,ā she said. āThis will not lead to good results.ā
Unit42 MDR offers continuous monitoring
The core part of the offering is continuous monitoring and responseāPalo Altoās experts keep watch on events and alerts around the clock, using the companyās in-house processes and infrastructure to detect and respond to potential threats more quickly and accurately.
Palo Alto also provides, as part of the Unit 42 MDR service, what it calls proactive threat huntingāleveraging the security firmās institutional knowledge and XDR technology to check client environments for complex threats. Finally, Unit 42 also conducts periodic spot checks on clients, basing recommendations for changes in security posture and policy on the companyās expertise in preventing attacks.
XDR, according to Gartnerās latest market report and definition for the technology, is a SaaS-based tool that unifies the management of multiple security functions into front-end system for unified analysis and smooth operation, tying firewalls, endpoint protection, network intrusion protection, secure email, and the like.
The market is relatively immature, Gartnerās report said, and carries the risk of vendor lock-ināputting one company in overall charge of a businessā entire security posture, is not without riskābut the analyst firm lauded the possibility of a more effective and integrated threat response system, due in part to precisely the same factors cited by Palo Alto in announcing Unit 42: the difficulty of finding and retaining in-house security talent, as well as the difficulty of integrating protection methods against a multitude of modern threats.
āMainstream organizations are often overwhelmed by the intersectionality of these two problems,ā the report said.
Gloss