Building network detection and response capabilities into MAD Security’s managed security service offering protects sensitive government data and provides greater protection and improved response times against cyber threats
OpenText, a provider of information management with an extensive security solution portfolio, announced a partnership between OpenText Network Detection & Response (NDR) technology and MAD Security. This joint solution from OpenText and MAD Security will empower customers to significantly cut false positive security alerts and protect sensitive government data against advanced cyber threats.
MAD Security, a managed security service provider (MSSP) that helps contractors and other small and medium-sized enterprises detect potential breaches and prevent attackers from disrupting operations or exfiltrating data, knows firsthand that government contractors are a prime target for cyber-attacks, from phishing and social engineering to malware and ransomware. MAD Security decided to augment its offering with NDR to strengthen its cybersecurity capabilities. The aim was to monitor and analyse raw enterprise network traffic continuously, creating a baseline of network behaviour that would help analysts hunt down emerging threats faster.
“In the past, MAD Security has relied on an anomaly-based intrusion detection system to find indicators of compromise (IOCs). While this approach was effective for analysing north-south traffic across small networks, it was a challenge to pinpoint IOCs across larger networks with significant volumes of east-west traffic,” said Jeremy Conway, CEO at MAD Security. “If we could reduce the time our analysts spent drilling down into the data, we could accelerate our response and improve cost efficiency – ultimately providing a more competitive service. Working with OpenText, we can now detect and correlate events, investigate the data and notify the client in an average of just 6.5 minutes – less than half of the SLA.”
MAD Security selected OpenText NDR because of the level of visibility it provides. The company can now look beyond individual subsets of endpoint and log data to build up a clear picture of what happened and when during an attack – even if the network traffic is encrypted. MAD Security uses OpenText NDR to make sure remediation efforts are successful, for example, by monitoring for new IOCs during its cleanup effort to detect whether the attacker is changing tactics or switching to an alternate toolset.
OpenText NDR is an end-to-end network security platform that simplifies network threat detection by combining smart packet capture (Smart PCAP) and rich network metadata generation, delivering a clear view of even the most complex networks. With OpenText NDR, MAD Security can gain insights faster than ever through deep packet inspection, behavioural anomaly detection, IOC matching, and AI-powered analytics.
“We are thrilled to be able to count MAD Security among our many incredible customers and are proud to see not just our solutions working for the organization but also be part of its growth and success,” said Muhi Majzoub, Executive Vice President and Chief Product Officer at OpenText. “By supporting MAD Security with OpenText NDR, we were able to help the company achieve its growth target while keeping its analyst team lean.”