Symantec Managed Endpoint Detection and Response Service

Managed threat hunting, remote investigation, and pre-authorized remediation

24x7 threat hunting and remote investigation service delivered by expert Symantec SOC analysts who actively detect, validate, and remediate stealthy attacks.

Read the Brief

An Expert SOC Analyst Team for Every Customer

Assigned based on your industry and region.

Expert Symantec Security Operations Center (SOC) teams – a service manager, analysts, engineers, and onboarding specialists – are trained in advanced investigations across on-premises and cloud endpoint environments.

  • Address in-house skills gaps and extend your team’s capabilities with Symantec SOC experts.
  • Address critical off-hour attacks with 24x7 coverage across six global SOCs (United States, United Kingdom, India, Singapore, Australia, and Japan).
  • Interact with your dedicated Symantec SOC team at any time via phone, portal, email, and online chat.

Managed Threat Hunting for Emerging IoCs and TTPs

Actively detect threats that would otherwise go unnoticed.

Detect stealthy and previously unknown attacks faster and more effectively than ever before, minimizing the risk and business impact of an attack.

  • Analyze security logs through Symantec SOC Technology Platform big data analytics engines correlated with the Symantec Global Intelligence Network.
  • Continuously and automatically hunt threats based on emerging indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK framework—all enhanced with human analysis.
  • Apply global threat insights to your local environment to detect and respond to threats more quickly.

Remote Investigations and Pre-Authorized Remediation

Your expert Symantec SOC team has your back.

Trust your experienced Symantec SOC analysts to:

  • Quickly validate and respond to an attack by investigating critical IoCs from across your on-premises and cloud environments.
  • Disrupt attacks by remediating compromised endpoints via pre-authorized actions.
  • Facilitate your engagement with Symantec Incident Response (when required for more extensive investigations and emergency breach response).

Fast Onboarding and Continuous Engagement

Hit the ground running and stay ahead of the curve.

Efficient, no-cost onboarding by your designated Symantec team ensures fast time to value; ongoing engagement ensures that value grows greater over time.

  • Receive Emerging Threat Reports and Symantec SOC team insights as soon as they’re available.
  • Review your threat activity and recommendations in regular meetings with your assigned Symantec service manager.
  • Attend monthly, customer-only threat landscape webinars presented by Symantec SOC analysts and threat intelligence practitioners.
  • Create customized call trees to ensure the right people are contacted at the right time.

Symantec Blogs

The Growing Challenges of Threat Detection and Response

Why is threat detection and response getting harder? Recent ESG research explains why

Posted: 15 Jul, 2019 | 3 Min Read

Read More

Managed EDR Accelerates Cyber Response for Government Agencies

Bolstering defenses at the endpoint can help agencies blunt new threats from attackers targeting systems to...

Posted: 20 May, 2019 | 3 Min Read

Read More

Why MEDR is Key to Helping Government Combat Stealthy Threats

Managed EDR accelerates cyber response – which is especially important for government agencies under siege from...

Posted: 08 May, 2019 | 3 Min Read

Read More

Sometimes Threat Hunting Isn’t Enough

Proactively searching for threats is critical, but organizations trying to stop advanced threats need to understand...

Posted: 09 Apr, 2019 | 3 Min Read

Read More