In the Market Guide for Managed Detection and Response Services, Gartner highlights that Managed Detection and Response (MDR) represents the future of threat detection and response. The combination of advanced detection techniques, threat intelligence, and incident validation performed by human analysts enables organisations of all sizes to augment their existing security investments and fill gaps in their security operations.

Market description

Gartner describes the market for MDR services as “organisations seeking to establish and improve early, effective threat detection and response through 24/7 continuous-monitoring coverage.”

The market is further described where “providers focus on analytics for detection, use of threat intelligence and on incident response activities, all of which can be expensive, difficult to obtain and hard to sustain for many midsize enterprises (MSEs), as well as larger enterprises.”

In mnemonic, we have long believed that these attributes are key for managed security vendors meeting the complex demands of the security landscape and for a high-value working relationship between customer and vendor.

Recommendations

  • Gartner recommends organisations that do not have detection and response technologies and internal capabilities to consider MDR services.
  • For organisations implementing a SOC, Gartner recommends leveraging MDR services to accelerate threat detection during implementation. For many it can be beneficial to continue working with an MDR provider as a long-term partner once the SOC is fully operational and self-sustaining.
  • Leverage MDR providers that also offer services that will fill in other gaps in their foundational security operations capabilities, like vulnerability management and log management.

Important considerations for buyers

  • Like previous years, Gartner warns organisations buying MDR services to keep a watchful eye on MSSPs claiming to have MDR offerings, with minimal evidence to support those claims
  • Potential buyers of MDR services should recognise that all threat detection cannot necessarily be done with advanced analytics like machine learning. A range of analytics is required to do appropriate threat detection. For instance whitelists, correlation rules, simple statistics and machine learning approaches

Access the full report here (Gartner subscription required).

Interested in knowing more about how Managed Detection and Response services enable your business to combat modern cyberthreats? Read more about mnemonic's Managed Detection and Response services here.

 

Market Guide for Managed Detection and Response Services. Toby Bussa, Kelly Kavanagh, Pete Shoard, John Collins, Craig Lawson, Mitchell Schneider. August 26, 2020.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.