
Managed Detection ... · SOLUTION...

Date post: 12-Aug-2020
open-systems.com
Managed Detection and Response, Solution Brief 1.1 by Open Systems ©2020, proprietary

Managed Detection and Response (MDR)

Outcomes, not alerts – Managed Detection and Response natively built for the cloud era.

SOLUTION BRIEF

Detect advanced threats through data correlation and collaboration

With the Managed Detection and Response service your enterprise utilizes the best-practice approach to minimize risk by providing continuous monitoring of all potential attack surfaces and fast remediation.

MDR is specifically designed to detect advanced threats that bypass existing security controls. These threats are complex in nature, and proper identification often requires the correlation of suspicious behaviors from many different angles.

The future of security is about collaboration. Threat actors collaborate by sharing toolkits, compromised credentials and other critical information. We enable your security teams to collaborate with our experts as well.

What makes our MDR special?

Integrated into SASE

MDR integrated into our SASE solution allows us to detect threats with more accuracy and isolate threats faster through our security stack.

The SASE integration allows us to contain threats earlier in the kill chain to reduce impact.

Cloud-native SIEM

By leveraging Azure Sentinel, we can benefit from its scale, detection capabilities and community advantages versus other SIEM and SOAR.

Fast setup of various security log connectors as well as smooth integration of cloud and user logs.

24x7 DevSecOps Model

Through our unique DevSecOps model – built on top of 20+ years of operational excellence – we constantly protect your enterprise against advanced threats.

Having dedicated Security Analysts available to customers ensures highest quality and effective threat response.

SECURITY DATA SOURCES

• Firewall
• Network Detection and Response
• Secure Web Gateway
• Endpoint Detection and Response
• 200+ integrations

USER AND CLOUD DATA

• Identity and Access Management
• DNS Server
• Third party servers
• Applications (on-prem, IaaS, SaaS)
• Cloud-native workloads

Azure Sentinel based MDR Platform (diagram)

Collection
• Collecting logs
• Secure transport

Parsing
• Extract security-relevant fields
• Normalize date

Analysis
• Threat intelligence
• Enrichment
• Correlation

Cloud SIEM

Feedback Loop and Automation (SOAR)

Investigation Board

Collaboration (Optional)
• Visibility
• Participation

Other diagram labels: Apps; Endpoints; Users; Security; Your security investments; Open Systems Outcomes; Analysed incident; Threat response containment; Open Systems Security Analysts; Open Systems Security Team; Your Security Operations

The future of security is about collaboration and integration. MDR detects, analyzes and contains attacks faster for you

Open Systems is a secure access service edge (SASE) pioneer that enables organizations to connect to themselves, to the cloud, and to the rest of the world. With cloud-native architecture, secure intelligent edge, hybrid cloud support, 24x7 operations by level-3 engineers, and predictive analytics, the Open Systems SASE delivers a complete solution to network and security.

Learn more at open-systems.com | Copyright 2020 Open Systems. All rights reserved. Approved for public use. (MS, 27 April 2020, v1)

Best-practice SIEM leveraged through a unique, collaborative operations model

The Open Systems MDR platform provides a best-practice framework for detecting threats and it will continually evolve to keep pace with the changing nature of modern cyberattacks.

More than a SIEM

While we build a cloud-based SIEM in Azure Sentinel and provide our customers access to it, we are delivering the outcome of its insights in the form of analyzed incidents.

Collaborative approach

It is not a requirement for your security teams to operate and maintain the SIEM in Azure Sentinel. Open Systems remains fully and solely responsible for detecting and responding to threats in this model. However, our platform enables your security teams to collaborate in the process to the degree that they desire without the challenges of operating and maintaining a SOC directly.

This unique approach to threat detection leverages the expertise and knowledge of both the customer and the Open Systems security team by facilitating collaboration to deliver the best threat detection possible.

Our key differentiators

Cloud-native MDR Platform

Limitless cloud speed and scale platform. Smooth integration with customers’ existing data and security stack directly in Microsoft Azure and Sentinel.

Integrated protection, detection and response layer

Faster threat protection through integrated, unified threat intelligence, as well as a network and security detection layer with an automated, cloud-native SIEM and an experienced security analytics and response team.

Business-risk driven approach

Our MDR solution focuses on your business impact, risks and assets. Report, track and improve your enterprise’s security resilience through continuous improvements instead of having noisy security events and products. Not alerts, outcomes!

Collaborative investigation board and DevSecOps

A unique collaborative SOC operational model fully leverages the knowledge of our security experts for faster and more accurate detection. The DevSecOps directly integrates into your organization and speaks the same language as your security team.

[Figure: Cloud-native MDR platform architecture and matching operations model. The diagram repeats the security data sources, user and cloud data, Azure Sentinel based MDR platform stages and outcomes listed for page 1.]

