Managed Detection and Response Glossary of Terms

Managed Detection and Response (MDR) is a new term coined by analysts and quickly adopted by cybersecurity vendors as the next step in securing your company and your data. These services have taken off because the key to a successful cybersecurity plan is to have layered defenses that address multiple threats. This is where an MDR provider shines. MDR services not only allow you to monitor more of your attack vectors, but also help you take steps to stop the attack, remediate the assets that have been attacked, and protect them from being attacked again.

MDR has brought with it new capabilities, but also a new vocabulary that might not be as familiar to you. So we’ve compiled a Managed Detection and Response glossary to help.

Managed Detection and Response Glossary of Terms

Anti-Virus/Anti-Spam: Antivirus software is a program or set of programs that are designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more. With anti-spam software, emails that have suspicious content are flagged and then immediately sent into a spam folder, instead of going into the regular inbox.

Endpoint Detection and Response: A second-generation endpoint security solution focused on advanced threats, including continuous monitoring and response. Endpoint detection is sometimes sold as a stand-alone product but is more effective when combined with an MDR solution for a layered defense.

Firewall: A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet.

Intrusion Detection System (IDS): A hardware or software appliance that provides real-time monitoring of network traffic and creates automatic alerts upon detection of indicators of compromise (IOCs).

Incident Response: An organized, systematic approach to addressing the impacts of a security incident or data breach to limit the damage to the infrastructure and the business.

Managed Detection and Response (MDR): A comprehensive service for continuous monitoring, infrastructure management, threat detection, and incident response provided by a third-party vendor.

Managed Service Provider (MSP): An IT vendor that provides a service, software, or technology, such as remotely managing IT infrastructure, on a subscription basis. 

Managed Security Service Provider (MSSP): A company that provides 24×7 management, monitoring, and maintenance of security services, such as firewalls, intrusion detection and prevention systems, and other security solutions at a fixed subscription cost.

SIEM (Security Information and Event Management): An integrated system that combines security information management and security event management to collect and correlate security events and alerts.

SOC (Security Operations Center): A centralized approach that combines security technology, people, and processes to manage threats—from prevention and detection to investigation and response.

Threat Hunting: Proactive searches of data to identify stealthy threats that have evaded perimeter controls and are hiding on the network or endpoints.

Threat Intelligence: Evidence-based data about current and potential threats, including context, indicators of compromise, mechanisms, and actionable information.

Unified Threat Management: A category of security appliances that integrate a range of security features into a single appliance. UTM appliances combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform.

Web Application Firewall: A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF can filter the content of specific web applications. In contrast, regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, a WAF can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.

Web Content Filtering: Web content filtering can prevent people in your organization from accessing web pages that may harbor computer viruses or malware, or from viewing inappropriate material that could lead to HR issues. By preventing access to selected web pages, web content filtering solutions can strengthen an organization's cybersecurity defenses, increase productivity, and avoid HR issues before they begin.

 

SilverSky provides robust MDR solutions that are affordable for small- and medium-sized businesses. If you would like to discuss your specific needs, contact us.

Kyle Benson Editor
Product Marketing Manager, SilverSky

Customer-focused product marketing manager driven to make complex cybersecurity technologies easy to understand and easy to value.
