Spyglass-MDR Managed Detection & Response: 2-week Implementation


Spyglass-MDR is the next generation in Security Operations Center services coupled with the latest in AI, advanced threat research and hunting, and experts providing 24x7x365 monitoring and response.

Preventing and rapidly detecting cyberattacks is more important than ever before. Bad actors have become incredibly talented in penetrating a company’s technological infrastructure to carry out cyberattacks — including ransomware, impersonation attacks, data theft — or disrupting operational continuity. It’s crucial to act quickly when identifying a security incident. The faster you can take action to stop it, the better. Here is where Quisitive’s Managed Detection and Response program, Spyglass-MDR, comes in. Spyglass-MDR complements our Security and Compliance Managed Services Program, Spyglass. Together, they enhance security solutions and processes while providing 24x7x365 monitoring and response. Quisitive and CRITICALSTART,® a prominent partner in Microsoft’s MXDR security services program, and a member of MISA, offer a comprehensive security and compliance solution for constant peace of mind. Spyglass-MDR is the next generation in security operations center (SOC) services coupled with the latest in artificial intelligence, advanced threat research and hunting, and experts around the clock investigating every single alert within your environment every minute of every day. This provides customers comprehensive protection with a centralized view of their security landscape, as well as security coaching and 24x7x365 monitoring. This new approach quickly identifies any suspicious activity and acts immediately. Spyglass-MDR eliminates false positives, treats every alert as important, and expedites the response process, taking action immediate to give you the peace of mind knowing that your environment is secure and allows your team to focus on innovating, not reacting.

How does it work?

The combination of the power of humans and the Zero-Trust Analytics Platform® (ZTAP) creates a pair that’s stronger and more effective together than apart. ZTAP is a single portal for analysis, response, and escalation across third party data and products that evaluates all EDR, XDR, SIEM and identity alerts through a Trusted Behavior Registry™ (TBR). The TBR is a one-of-a-kind technology with an approach focused on identifying known good behavior first to eliminate the noise up front so true positives can be further reviewed by analysts in the SOC and escalated to you along with expert remediation guidance. ZTAP weeds out on average 99% of alerts. We achieve this level of productivity through analytics, deep threat intelligence that anticipates threats to your environment, automated playbooks, and response orchestration, ultimately giving you unparalleled time to resolution.

Key Capabilities and Features

  • Combines automation and analysts to ensure 24x7x365 proactive prevention of cyberattacks.
  • Integrates with Microsoft 365 Defender, Microsoft Defender for Endpoint, and Microsoft Sentinel to get superior security and optimize the value of your Microsoft investment.
  • Provides around-the-clock automation and human investigation for every alert generated by Microsoft’s Advanced Security products and features including Microsoft 365 E3, Microsoft 365 E5, Defender for Microsoft 365, Office 365, Identity, and Endpoint, Microsoft Sentinel, Azure Arc, Azure AD Identity Protection (Entra), Information Protection and Governance (Purview), Microsoft Defender for Cloud Apps, and others.
  • World-class security operations centers based in the United States are staffed 24x7x365.
  • Expect an industry-leading response to every alert with 1-hour time-to-detection and 1-hour time-to-resolution for every alert.
  • Detect, resolve, and remediate every alert right from your phone. MobileSoc® gives you mobile access to all security tools.
  • Get full transparency into every alert processed and action taken.
  • Leverages Trusted Behavior Registry,® automatically detecting every alert, resolving every threat, and reducing false positives.
  • Access auditing and compliance mandates by logging all user activity on the platform.
  • Achieve and maintain compliance with industry-specific regulations.

How fast can Spyglass-MDR be added to my Spyglass subscription? We can have the full coverage of MDR up and running within 7-21 days.

How do I get started? Contact your Account Executive or email for a demo.

*Estimated pricing for the implementation of Quisitive’ Spyglass+MDR service is based on a customer with about 2,500 endpoints and 2,000 users (50% information workers + 50% front line workers). Spyglass+MDR is a monthly reoccurring service, typically billed at ~$25k per month with a 12-month service contract.