Difenda’s MXDR for OT service offers a turn-key agentless extended detection and response (XDR) service that is deployed to help protect OT and industrial control system (ICS) devices. As part of the service, customers benefit from Difenda AIRO, an Automated Triage and Response Engine backed by our 24x7x365 ISO27001, SOC II Type 2 and PCI Certified Cyber Command Center (C3) team for around-the-clock protection. Our proven process uses passive, agentless network monitoring to safely gain a complete inventory of all your assets, with zero impact on infrastructure performance. With this added visibility, Difenda’s Cyber OT Operations team rapidly triages threats, performs ongoing alert tuning, and works with customers on escalated incidents to contain and mitigate threats. This managed service can seamlessly integrate with Difenda MXDR for IT to provide customers with unified threat protection across the entire environment. This provides our C3 team with the ability to mitigate OT threats by tracing indicators back to the IT environment and containing the originating IT threat vectors such as malicious emails, compromised identities and infected endpoints. We are solely focused on Microsoft Security and provide superior customer experiences delivered by tenured cybersecurity experts. Difenda MXDR for OT service is designed to support ongoing cybersecurity program maturity and reduce loads on internal teams. We use iterative processes to help customers tune configurations to enhance proactive controls and reduce alert volume. Real-time insights are generated through our Difenda Shield Analytics platform, providing cyber security leaders with the data points and dashboards required to drive cyber strategy. 4-step methodology to provide actionable outcomes: - Threat Profiling – Iterative contextualization of environmental threats. - Threat Detection – Rapid, 24x7 identification of threats. - Threat Hunting – Continuous search for new and emerging threats. - Threat Response – A combination of automated processes and human intervention for effective threat containment. What’s included? MXDR for OT Implementation - Microsoft Defender for IoT (OT) Implementation - Microsoft Sentinel Implementation - Microsoft Sentinel Log Source Integration - Microsoft Sentinel Custom Development (Log Data Connectors, Analytic Rules, Playbooks, etc.) Difenda Shield Services Overview - 24x7x365 MXDR triage and response - Difenda AIRO: Automated Triage and Response engine (SOAR) - Difenda Shield Analytics Platform portal and real-time reporting - Integrated Threat Intelligence, including advisories and bulletins - Proactive Threat Hunting - Ongoing Sentinel maintenance, including Log Data Connector, Analytic Rule, and Playbook development - Remote Incident Response (RIR) retainer - Dedicated Technical Account Manager (TAM) & Customer Success Manager (CSM)