Don’t Take it from Us, Hear It from Your Peer

October 25, 2023

Security Monitoring Validation was built out of a need from our customers to see how long it would take their security controls to detect an attack and then how long it would take for their 3rd party provider to respond.

We quickly found the need was not a singular event. A recent survey found the average response time for MSSPs to security incidents is 3 hours. However, the study also found that 20% of MSSPs take more than 12 hours to respond to security incidents.

By leveraging OnDefend’s breach & attack simulation solution, BlindSPOT, our professional services team is able to safely simulate ransomware, supply chain, and other adversarial tactics every month to prove a third-party security provider or internal defense team will detect, respond, and alert to real-world cyber-attacks within the organization’s selected time frame.

A customer success example:

Problem: What is our mean time to detect (MTTD) and mean time to respond (MTTR)?

Background: This customer was concerned about reports of delayed responses to cyber-attacks by similar organizations’ internal network defense teams and outsourced 3rd party MSSP providers, which resulted in critical delays and sometimes complete response failures.

Actions Taken: BlindSPOT was used to perform the Security Monitoring Validation service, in which various threat actor attack vectors are simulated in an environment to validate its real-time detection, alerting, and response readiness as if it were a real event.

Result: The attack simulation report revealed that the EDR was missing attack activity. When the EDR did successfully detect an attack, the logs were being directed to the EDR’s own console rather than the SIEM. The MTTD for the attacks that were logged was 5 hours. Following remediation of the misconfigurations, the MTTD was 2 minutes.

Customer Reflection: “I was blown away by how long it took for our system to detect an event and reach the screen of the analyst who was responsible to respond. If it had been a real attack, our original detect and response time of 5 hours would have potentially cost us millions, not to mention losing that sensitive data. Now, if our EDR and SIEM have a detection or response failure, we’ll know.” – Vice President of Information Security, International Technology Corporation
