VIPRE™ Endpoint MDR Overview

VIPRE Endpoint MDR Overview

What is VIPRE Endpoint MDR?

VIPRE Endpoint MDR is an overlay for VIPRE Endpoint Detection & Response (EDR) that provides 24/7 monitoring and incident coverage. Our team of security experts will monitor your console 24 hours a day, seven days a week, 365 days a year to react to any new incidents, and then will quickly triage, investigate, and provide remediation guidance to your internal teams. 

After your initial onboarding, we will handle the initial incident response, escalating to your internal teams as needed for containment, cleanup, remediation, and hardening. You even have the option of allowing us to isolate potentially infected hosts on your network to prevent attack spread.

Quarterly security reviews will keep you in the loop about longer-term trends in the security of your organization and will highlight the value of this solution while ensuring that your environment - and your security solution - is kept in tip-top shape and operating effectively. This solution guarantees a 1 hour response time for new critical incidents, with full remediation recommendations provided within 2 hours.

You will benefit from IT security experts that handle dozens of incidents daily, and a friendly support team to make sure you don’t run into problems. Leverage our VIPRE Endpoint MDR solution to ensure that no threat to your environment is missed, and to help you reduce attack spread and dwell time while saving your internal team time and money.

We offer VIPRE Endpoint MDR at two levels designed to meet your organization's needs:

• VIPRE Endpoint MDR provides complete coverage for incident monitoring and investigation and then provides detailed analytics and recommendations to your internal teams to perform the remediation. Containment is available but is limited to network isolation of affected endpoints to prevent spread. 
• VIPRE Endpoint MDR Premium goes a step further and provides everything within VIPRE Endpoint MDR, plus proactive incident response, including forensic analysis, containment, and remediation by the VIPRE team leveraging our Remote Shell and other technologies. Detected artifacts will be fully analyzed in sandbox environments to extract additional IoCs for further investigation and to support additional hardening.

Product Availability

These offerings are available to organizations large and small. Additionally, they are available for MSPs (Managed Service Providers) that wish to provide MDR services to their customers via VIPRE Site Manager.

 

Feature	Benefit	The VIPRE Difference
Onboarding	We'll deploy VIPRE EDR to your environment and ensure that all agents are configured and operating correctly.	Deploy and verify agents at customer site Test that incidents are detected and created correctly Gather customer contact/escalation info Gather information on baseline security posture
24x7x365 Monitoring	Our security analysts will monitor your instance of VIPRE EDR on a 24/7/365 basis for any new incidents.	Monitoring and assignment of new Incidents to response teams
Incident triage	Expert IT security personnel will review all incidents and ensure that they are properly handled, closing false positives or escalating any unhandled threats to the response team.	Handle and analyze new inbound Incidents Perform a quick analysis to identify obvious FPs and potential threat impact Internal assignment and escalation
False Positive/True Positive Analysis	We'll establish if an alert is a false positive after analysis and close the alert; in case of a true positive, a ticket will be generated and escalated to you.	More intensive analysis by tier 2 team to weed out false positives or clarify potential threat impact Adjustments to incident status and severity, plus early identification of potential targets and threat artifacts
Incident Enrichment	We'll review incidents and attach contextual information gleaned from OSINT sources.	Pull IoCs from the Incident and research within known threat databases to identify attack type, source, etc Annotate the Incident with any significant findings
Analyst notes and remediation recommendations	Human analyst insight is added to each Incident as part of our initial triage and analysis.	Human review of Incident to identify significant malicious activity within processes, network connections, files, etc Recommendations on how to contain and clean up any threats on the endpoint Annotation of Incident with these insights
Incident Escalation	We’ll escalate all incidents to your team for resolution.	Includes all the notes and recommendations as above Flexible escalation based on threat type and severity, i.e. email and SMS
24x7x365 Tech Support	We'll provide support to you for all product-related issues.	Reactive response to customer-reported product issues Internal escalation for resolution as required
Quarterly Executive Reporting	We'll provide a monthly executive summary of activity within the MDR service, including incident summaries, environment changes, and long term trends.	Analyst reviews customer history and prepares report Incident metrics and retrospectives Overall threat trends and observations Environmental recommendations
Service Level Agreements (SLA)	The agreed time within which customers will be notified of any new incidents, broken out into separate SLAs for initial incident acknowledgment/assignment; for incident response, and for responding to customer requests for clarification.	SLAs are set based on Incident status and severity SLAs fully defined in the Statement of Work associated with this service

 

Why VIPRE?

VIPRE Security Group puts more than twenty years of advanced security intelligence, cutting-edge machine learning, real-time behavioral analysis, and a comprehensive threat intelligence network to work defending against known and unknown attacks. Our supportive approach to MDR is suitable for all small to medium-sized businesses.

• The Best Protection at the Best Price – VIPRE EDR is consistently ranked in the top tier alongside other market leaders in comprehensive independent tests
• Ease of Use - VIPRE’s intuitive solutions make it easier to secure your endpoints from ransomware and other threats
• Rapid Deployment - We can quickly deploy VIPRE EDR with minimal disruption to day-to-day activities
• Reduced Downtime - VIPRE enables both speed and security, protecting you from malware without slowing down any processes
• Award-winning Support - included with all of our solutions is access to our award-winning, highly qualified global tech support team with a consistent 90%+ CSAT rating.

VIPRE Endpoint Detection & Response is an important solution to ensure that your endpoints are protected against malware, remote compromise, and insider threats. But EDR solutions like ours require some care & feeding to achieve the best value and provide complete protection. VIPRE Endpoint MDR (or MDR Premium) provides an outsourced management layer to ensure that you get the best protection from your EDR solution. To detect and respond instantly to endpoint threats with next-generation EDR and antivirus technology built for SMEs and the partners that serve them without our MDR offering, you can find more detailed information on the VIPRE website.

Onboarding - What to Expect

Our team of experts will work closely with you to ensure a seamless deployment and integration of our solution into your infrastructure. You will receive an email from us to the original email requesting contact information for a primary point of contact, an escalation point of contact, an emergency point of contact for critical events, and at least three date/time options for our deployment call and walkthrough.

We'll verify all service agreements during the deployment call and review the product, including all options, with you. You'll also have the opportunity to address any questions or concerns you may have during our scheduled deployment call.

For MSPs, we will set up an onboarding session when you enable MDR or MDR Premium on your first site. Subsequent MDR enablement will not require the onboarding session. 

Important! 

Monitoring and incident response begins only once the onboarding session is completed. If you do not receive your onboarding email then reach out to our Support team for help.