Alert Logic has introduced an initiative to develop a clear definition of managed detection and response (MDR) capabilities. The move comes as dozens of MSSPs (managed security services providers) and cybersecurity software companies each put their own spin on the MDR term.
There is currently a "disconnect" between customer expectations and vendor descriptions of MDR capabilities, Alert Logic SVP and Chief Evangelist Jack Danahy stated.
In a bid to stand out from the MDR crowd and educate partners and customers, Alert Logic will partner with Aptum, Avant and other technology providers on an educational webcast series. Also, Alert Logic is promoting an "MDR Manifesto" that emphasizes critical capabilities necessary to deliver MDR.
Gartner's MDR Definition
MDR involves the delivery of 24/7 threat monitoring, detection and response services, technology research firm Gartner indicated. An MDR provider leverages a combination of technologies deployed at host and network layers, along with analytics, threat intelligence and human expertise for incident investigation and response.
In addition, MDR providers conduct incident validation and offer remote response services such as threat containment, Gartner noted. This allows MDR providers to address security incidents and return customer environments to their last-known good state after cyberattacks.
MDR Market Growth
Demand for MDR solutions appears strong. Global MDR market revenues are expected to increase at a compound annual growth rate of 31.6 percent between 2017 and 2022, according to industry analyst MarketsandMarkets. Those revenues could also total nearly $1.7 billion by 2022.
Among the companies gaining MDR momentum:
- eSentire doubled its sales growth in 2019.
- Secureworks gained nearly 100 new MDR customers in its most recent quarter.
- Alert Logic has built MDR relationships with partners such as Involta, Rackspace and Ensono.