125CSTM Base

Network MDR – Custom Service

    Service Overview

    DeepSeas' Network Managed Detection and Response Service ("Network MDR") provides 24x7x365 threat detection, analysis, and response to validated cyber threats generated by a supported network threat detection technology. Network MDR leverages out-of-band, full-packet capture intrusion detection systems (IDS), typically deployed behind a firewall or similar security prevention asset, to enable behavioral and analytic-based monitoring of inbound, outbound and lateral network traffic within a Customer environment. DeepSeas deploys, applies and continuously updates detection logic, threat intelligence and custom rulesets, which are combined with recursive file-carving, YARA-based detection and comprehensive metadata analysis to identify potential security threats and deliver high-fidelity security data to the DeepSeas Cyber Defense Platform to support investigations.

    Methodology

    Onboarding Process

    DeepSeas, together with the Customer, will complete the following process to onboard and initialize the Network MDR service:

    1. Kick-Off - DeepSeas and the Customer will participate in a joint call to confirm services, network sensor specifications, shipping information, definition of a Customer MDR Runbook, and other key details regarding the Services to be provided. At the Kick-Off, the Customer is introduced to their Technical Support Engineer (TSE) / Service Delivery Manager (SDM). (Estimated duration: <1 week)
    2. Shipping - DeepSeas will coordinate the shipping of network sensors to the Customer's location(s). Shipping times vary based on location and range from 2+ days for U.S. domestic locations to 30+ days for international locations. International shipments requiring Importer of Record (IOR) coordination with the Customer may have delayed shipping timelines. (Estimated duration: <2 weeks for domestic shipments; 4+ weeks for international shipments)
    3. Network Sensor Installation and Traffic Validation - DeepSeas will work with the Customer to schedule installation of the network sensors, with DeepSeas providing support and guidance by either email or phone. Installation includes allowing connectivity to DeepSeas' data center(s) through any firewalls; racking the appliance(s); inputting appropriate IP addresses and customer IDs; testing; and rebooting. After validating successful sensor functionality, DeepSeas will capture and validate network traffic from the installed network sensor. Network traffic will be reviewed with the Customer to ensure the network sensor has the appropriate visibility, thereby ensuring service outcomes can be met. (Estimated duration: <1 week)
    4. Baseline - DeepSeas will begin monitoring the network sensor alerts and begin notifying the Customer of validated threats while creating a baseline for priorities, focus, and response. (Estimated duration: <1 week)
    5. Service Optimization and Go-Live - DeepSeas monitoring services are fully operational and adjusted as needed to meet Customer needs. DeepSeas provides reports and ongoing communication to the Customer. (Estimated duration: 4+ weeks)