Managed Endpoint Detection & Response (MDR)

Built by attackers for defenders
WithSecure’s™ threat hunters spend up to 50% of their time researching new and evolving tools and techniques used by threat actors. Every alert is investigated by the DRT who will use its knowledge and experience to decide what, if any, action to take. The Countercept MDR’s proprietary Endpoint Detection & Response (EDR) agent and log collectors, which feed data into our xDR detection platform, provide excellent visibility of user, endpoint, cloud and network activity.  Countercept MDR’s 24/7 First Response service also contains and remediates incidents before they have a chance to impact the business. Using this proven First Response methodology enables threat hunters respond to incidents, at the right time and in the right way, with less than 1% of incidents to date requiring escalation to WithSecure™ Incident Response. It delivers operational efficiency and resilience to clients that enables them to achieve their goals.

What can you achieve?

1. Effective Detection & Response
   Countercept is a threat-driven service designed to be effective in the ‘grey area’ where legitimate activity masks malicious intent. WithSecure™ responds to incidents in minutes – and resolve most of them within hours.
2. Peacetime Value
   Countercept provides cyber security insights that support continuous security posture improvement. WithSecure™ helps you improve your security posture and meet your compliance obligations.
3. True Partnership
   WithSecure™ acts as an extension of your cyber security team, giving you unmetered access to our experts, sharing their threat hunting expertise, addressing queries and helping your team develop.

Countercept MDR architecture

Countercept D&R team

WithSecure’s Detection & Response Team (DRT) spends up 50% of its time researching vulnerabilities that attackers might exploit and proactively creating detections. There is customer and true positive finding by the DRT and Incident Response teams that use the same technology platform and work closely together – meaning handoffs are seamless and well-practiced. Dedicated security engineers provide insights that help you deter and resist attacks for peacetime value.

Countercept MDR advantages

Across all three evaluations, WithSecure™ consistently identifies threats and has demonstrated its effective MITRE evaluations  and response. There has been an NPS growth of 124% since the launch. Incidents demand preparation, promt action and clear communication. WithSecure’s™ customers affirm that the organisation does this.  There is also consistently outstanding service with the following results:
Net Promoter Score (NPS): 51
Customer Effort Score (CES): 89%
Customer satisfaction (CSAT): 4.6/5–4.7/5

Working to solve technology problems since 1988 with a true partnership of over 30 years to date, Countercept MDR has now been delivering its service since 2016 and has a proprietary XDR platform with in-house expertise and in-house development of systems, from Detection all the way through to Incident Response. The success rate is over 95% and the following table provides information on how WithSecure’s ™ Countercept compares with other Detection and Response solutions.