Difenda's SecOps-as-a-Service cornerstone offering, Managed Extended Detection & Response (MXDR) for IT, provides world-class Microsoft Sentinel + XDR platform integrated threat detection and response services. As part of the service, customers benefit from Difenda AIRO, an automated triage and response engine backed by our 24x7x365 ISO27001, SOC II Type 2 and PCI Certified Cyber Command Center (C3) team for around-the-clock protection.  

Difenda MXDR for IT is designed to support ongoing cyber program maturity and reduce loads on internal teams. We use iterative processes to help customers tune configurations to enhance proactive controls and reduce alert volume. Real-time insights are generated through our Difenda Shield Analytics platform, providing cyber security leaders with the data points and dashboards required to drive cyber strategy. 

Our managed services are designed to be modular, allowing customers to selectively license services depending on the nature of their IT environment. Customers can dynamically leverage some or all the following MXDR for IT service components:

- Managed SIEM – Managed Microsoft Sentinel services

- Managed Endpoint Detection & Response (EDR) – Managed Defender for Endpoint threat detection and response services

- Managed Identity TDR – Managed Defender for Identity / Identity Protection threat detection and response services

- Managed Email TDR – Managed Defender for Office 365 threat detection and response services

- Managed Cloud TDR – Managed Defender for Cloud threat detection and response services

Difenda's 4 step methodology to provide actionable outcomes:

- Threat Profiling – Iterative contextualization of environmental threats.

- Threat Detection – Rapid, 24x7 identification of threats.

- Threat Hunting – Continuous search for new and emerging threats.

- Threat Response – A combination of automated processes and human intervention for effective threat containment.

What’s included?

MXDR for IT Implementation

- Microsoft Defender Suite Implementation Support

- Microsoft Sentinel Implementation

- Microsoft Sentinel Log Source Integration

- Microsoft Sentinel Custom Development (Log Data Connectors, Analytic Rules, Playbooks, etc.)

Difenda Shield Services Overview

- 24x7x365 MXDR triage and response

- Difenda AIRO: Automated Triage and Response engine (SOAR)

- Difenda Shield Analytics Platform portal and real-time reporting

- Integrated Threat Intelligence, including advisories and bulletins

- Proactive Threat Hunting

- Ongoing Sentinel maintenance, including Log Data Connector, Analytic Rule, and Playbook development

- Remote Incident Response (RIR) retainer

- Dedicated Technical Account Manager (TAM) & Customer Success Manager (CSM)