Email MDR – Custom Service

DeepSeas' Email Managed Detection and Response Service ("Email MDR") delivers continuous monitoring of suspected email phishing and business email compromise attacks reported by Customer users within Microsoft Outlook/O365. Suspicious emails reported by Customer users are then isolated and aggregated in a separated, controlled cloud environment and forwarded to the DeepSeas' Cyber Defense Platform for human analysis, triage and disposition. Our team of highly experienced security analysts leverage superior tradecraft to review suspicious emails for evidence of phishing, malware, social engineering, zero-day exploits and other potential cyber threats that are delivered by email.

DeepSeas Email MDR includes the following service elements:

• Customer users who submit suspected phishes receive an initial response acknowledging the submission
• DeepSeas will update and maintain a "VIP list" so that responses to Customer VIP users who submit suspected phishes are prioritized and responded to first
• Suspected phishes will be investigated within four (4) hours of their submission by a user via the Phish Button.
• If DeepSeas determines that there is a legitimate threat to the security of Customer's environment, the email will be immediately isolated and the Customer will be sent a notification detailing our findings.
• Upon disposition of the phish, Customer user will receive a notification of the disposition by way of a mutually-agreed template.
• DeepSeas will provide to Customer basic reporting about the Email MDR service performed on a monthly basis.

DeepSeas, together with the Customer, will complete the following process to onboard and initialize the Email MDR service:

1. Kick-Off - DeepSeas and the Customer participate in a joint call to confirm services, define a Customer MDR Runbook and notification template, and agree on other key details regarding the Services that shall be provided. During the Kick-Off, the Customer is introduced to their Technical Support Engineer (TSE) / Service Delivery Manager (SDM). (Estimated duration <1 week)
2. Integrate with DeepSeas Email Analysis Framework - DeepSeas will i) provide Customer with email forwarding address to establish a connection between Customer's Microsoft Outlook and the DeepSeas Email Analysis Framework; ii) add appropriate entitlement(s) in ServiceNow, and run a test phish to affirm appropriate workflows. (Estimated duration <1 week)
3. Service Optimization & Go-Live - DeepSeas services are fully operational and adjusted as needed to meet Customer needs, as defined in the Statement of Work. DeepSeas will provide reports and on-going communication to the Customer. (Estimated duration 2+ weeks)