Managed Detection and Response (MDR)

Managed Detection and Response (MDR) is a fully managed next generation anti-virus tool. MDR protects devices (workstations and servers) through active monitoring and response to mitigate threats prior to exploitation, compromise, or exfiltration of data. MDR protects against the primary attack vectors, including malicious links and attachments, use of compromised credentials, and the exploitation of network vulnerabilities. Sensors are installed on workstations, laptops, and servers to monitor for security risks and malicious activity 24 hours a day, 7 days a week, 365 days a year. This is a completely managed solution, meaning the vendor and MNIT take the burden from organizations to detect and respond to cybersecurity threats. 

MNIT works with a MDR vendor to provide a cloud-based solution without restrictions of operating systems or hardware. A single, lightweight sensor is deployed on systems with no reboots, and a unified console displays your security information. Among its many features, this product includes 24/7/365 monitoring and threat hunting outside of traditional automated or heuristic methods to detect advanced adversaries and behavior patterns not yet attributed to threat actors.

Managed Detection and Response (MDR)

MDR looks for the attacks, indicators, and behaviors that could lead to data breaches, ransomware, or other major events and blocks those actions proactively. The MDR service is provided at a substantial price reduction through grant funding and bulk purchasing with the goal of making security as hands-off as each participating entity desires. 

The vendor’s security operations center and threat hunting team are actively monitoring 24/7/365. The MNIT Cyber Navigator team provides secondary support as needed to ensure a seamless transition and continued support. Users can submit support tickets directly from their console at any time and contact MNIT with any questions. MNIT is available during extended business hours to lend support and can be alerted after hours as needed. Entities will determine who at their respective organization is notified and what type of actions trigger a notification.

Details

Service Level Objectives
Service Notes

The vendor and MNIT Cyber Navigators support participating entities through each phase of deployment and continued use. These teams are available to assist with any questions, schedule demonstrations, and expedite any issues you may encounter. The entire process can be expedited though the standard deployment typically takes two weeks. Interested participants are encouraged to start exploring the solution as early as possible to help answer questions that may arise.
Customer Responsibilities

Participants are required to sign a MNIT-provided contract, provide basic contact information and security goals, and deploy the sensors in their environments. The MNIT Cyber Navigator team is available to assist, including providing step-by-step instructions and meetings with participants to guide them through the process. Once entities are actively using the MDR service, there are few actions needed unless participants choose to be more involved in mitigation or wish to understand and track threats, mitigations, or other actions. The MNIT Cyber Navigator team will review all eligibility requirements and are available to answer any questions. Participants are committed to enroll in the calendar year in which they begin services and the following calendar year. Additional details are included in the contract and on the MNIT Whole-of-State Managed Detection and Response (MDR) website.

Service Costs

MNIT utilizes the MDR vendor across a range of environments which enables large-scale and considerably reduced bulk purchasing prices. The cost is then further reduced for local government partners through multiple cybersecurity grants. Visit the Whole-of-State Managed Detection and Response (MDR) page for the current cost structure.

Related Services

Network Services