
Trend Micro XDR - Managed Detection and Response Service
Detection
- 24/7 alert monitoring, correlation, and prioritization using automation and analytics quickly distills alerts down to the events which need further investigation
- Continuously sweeps for newly identified indicators of compromise (IoCs) or indicators of attack (IoAs), including those discovered in other customer environments and shared via US-CERT or other third-party disclosures we receive
- Capitalizes on Trend Micro product differentiators, ensuring customers get the most out of their solution’s detection capabilities
- The MDR service is the first user of any new, cutting-edge detection techniques developed for Trend Micro solutions – you benefit from the latest technologies

Investigation
- Our experts create a full picture of the attack across the entire enterprise – a root cause analysis, attack vector, dwell time, spread, and impact
- Analysts are able to synthesize data into insights, leveraging our global threat researchers with a deep collective understanding of threat techniques and actors
- Customers can work directly with our security analysts during the investigation and response process

Response
- Contains threats and automatically generates IoCs to prevent future attacks
- Provides a step-by-step response action plan to remediate and, as applicable, use custom cleanup tools to help recover from the threat
- Continually sweeps the enterprise to ensure security
- Generates a detailed incident report and regular executive reporting on security posture

MDR Overview
Key Features
Managed XDR for Cloud Workloads
Trend Micro™ Deep Security™ provides comprehensive security in a single solution that is purpose-built to protect your virtual, cloud, and container environments. Deep Security provides a broad range of security capabilities to protect against vulnerabilities, malware, and unauthorized changes, ensuring consistent protection regardless of the workload. Deep Security can send server activity metadata and file integrity monitoring data to the Trend Micro Managed XDR service for correlation and visibility across physical, virtual, and cloud workloads.
Managed XDR for Networks
Trend Micro™ Deep Discovery™ Inspector is a network appliance that monitors all ports and over 100 different network protocols to discover advanced threats and targeted attacks moving in and out of the network and laterally across it. The appliance detects and analyzes malware, command and control (C&C) communications, and evasive attacker activities that are invisible to standard security defenses. Alerts are sent directly to the MDR service, while recorded metadata is collected and queried by the MDR service as needed.
Managed XDR for Messaging
Trend Micro™ Cloud App Security is a cloud-based advanced threat protection service that secures email and cloud file sharing in Microsoft® Office 365®, Gmail, Box, Dropbox™, and Google Drive™. By using Cloud App Security, Trend Micro Managed XDR service can “sweep” or search through Office 365 for indicators of compromise (IoCs). Most advanced threats start with a phishing email, so combining advanced email protection with the ability to trace a threat to its entry point is an effective defense against the latest in email threats.
Event monitoring and alerting
Trend Micro Managed Services will monitor the customer’s XDR deployment 24/7 and will remotely investigate all critical security events using data available in the monitored products. Real-time events from endpoint and network security will be continuously sent to the Trend Micro security operations center (SOC) via event logs and alerts. If a critical event is detected and validated, it will be escalated to the customer for action.
Advanced correlation
By correlating threat data from multiple sources such as endpoints, email, networks, and servers, a clearer picture is available to determine the source and spread of advanced attacks. Trend Micro Managed XDR service can even recognize internet of things (IoT) devices or unmanaged endpoints (such as BYOD devices) that may have been compromised, making use of advanced AI to analyze and prioritize threat data.
Reports
For investigated customer threat alerts, Trend Micro reports information through incident cases, which contain details of the threat, including affected hosts, indicators of compromise (IoCs), and recommended mitigation options—wherever possible. Trend Micro also provides monthly reports to summarize case activity from the preceding month. All cases and reports are published to the Trend Micro Customer Success Portal, as well as emailed to desired recipients through the standard case support system.
Service reviews
Trend Micro provides an opportunity for a formal service performance review at least once per month. This review examines service performance, significant events and incidents, faults and cases, change requests and execution, and recommendations.
Managed XDR Service Options
Standard or advanced detection, investigation, and response services are offered for one or more Trend Micro security layers.
