Managed Detection and Response (MDR) Service

Cyber Solutions Products

The unique combination of SentinelOne®'s AI-driven threat detections, working in conjunction with First Watch's proprietary detections, elevates your data security and significantly reduces false positives. This combination, along with First Watch's Human Element, differentiates us from the competition.

First Watch Human Element: allows First Watch to provide proactive threat hunting, 24/7 threat detection, squad model, and threat remediation which reduces our customers' security workload and human resource security costs. All of this at the lowest retail price.

What's Included?

 Managed NGAV MDR MDR Pro MxDR
Next Generation Anti–virus (EPP).

  • Built-in Static AI and Behavioral AI Analysis, Firewall: with location awareness and network connectivity controls
  • Device Control for USB and Bluethooth Devices.

 check check check check
Managed Threat Detection and Response

  • Customized configuration and setup EPP unique to the environment
  • Review all detections to determine if false positive or an actual threat
  • Manage EPP to include remediation, malware analysis of threats and adding exclusions.

 check check check check
24x7 Threat Monitoring Detections & Response

  • Every console threat is, reviewed, acted upon, and documented
  • Full response capabilities
  • Automated threat response including remediation

 check check check check
Rapid Response & Remediation

  • Ransomware rollback
  • Leverage AI to detect and respond to active threats
  • Detect threats across the entire attack surface

   check check check
Active Threat Hunting

  • Active hunting & tracking of attacker techniques, global APT campaigns, and emerging cyber crimes
  • Alerting and remediation when threats are detected in your environment

   check check check
Proprietary Behavior Based Detections

  • Behavior based detections based on MITRE ATT&CK framework (Techniques, Tatics & Procedures) TTP's
  • Tuning of customers enironment

   check check check
Unlimited Incident Response Investigations

  • Full Incident Response
  • Root Cause Analysis (RCA) to include Initial Infection Vector (IIV) and exfil/breach determination

     check check
Enterprise Forensic Investigations

  • Automatic collection of files, and operating system artifacts around a threat
  • Remote Forensic Investigation / Analysis of the endpoint

     check check
Slack Channel

  • Collaboration between customer and First Watch cyber analysts
    • on active threats
  • Communication channel for customer and First Watch MDR team
  • Assigned customer advisor

     check check
Squad Model

  • Dedicated team of experienced cyber analysts
  • Dedicated project manager
  • Quarterly threat landscape reviews

     check check
Managed Extended Detection & Response (MxDR).

  • Cloud based SIEM (Devo),
  • Correlation of endpoint and network traffic,
  • Log source ingestion: Email, Firewall and Proxy Logs.

       check

Our Expertise

GAIC Certified Incident Handler (GCIH) Department of Defense Digital Media Collector COMPTIA A+ COMPTIA Network+ GIAC Assessing and Auditing Wireless Networks (GAWN)
GAIC Certified Forensics Analyst (GCFA) Department of Defense Digital Forensics Examiner Carey and Associates Certified Covert Entry Specialist GIAC Web Application Penetration Tester (GWAPT)
WetStone Certified Hacking Examiner Acquisition Data Certified Acquisition Specialist The Reid Technique of Interviewing and Interrogation GIAC Certified Penetration Tester (GPEN)
WetStone Certified Steganography Examiner COMPTIA Security+ GIAC Certified Forensics Examiner (GCFE) GAIC Certified Intrusion Analyst (GCIA)
EnCE EnCase Certified Examiner AccessData Certified Examiner GIAC Network Forensic Analyst (GNFA) GAIC Reverse Engineering Malware (GREM)