<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

Managed Security Service Providers (MSSP) vs Managed Detection and Response (MDR)

The following document is downloadable as a PDF, provided by Datashield, an ADT company. Learn how Datashield provides Managed Detection & Response services to our clients and the difference between MSSP and MDR.

FireShot Capture 014 -  - Click Here to Download the PDF


In the new cyber landscape of “Security as a Service” many Managed Security Service Providers (MSSP) claim that they can deliver Managed Detection and Response (MDR) type services. What is the difference? How can you ensure your organization is truly safe while managing your security tools effectively? Before we jump into the key differences between MSSP and MDR services, let’s first examine how they are the same.

As Gartner puts it: “The overlap between managed security services and MDR is increasing, which is adding to the confusion in the market and making it difficult for buyers. MSS and MDR still have distinct characteristics that buyers need to understand.”

Both provide 24x7x365 outsourced monitoring of security devices and systems. This also typically includes some level of event logging, compliance reporting, incident response support and containment.


Great...so how do they differ and which should you choose?

As Anton Chuvakin Research VP and Analyst for Gartner summarizes: “…an MDR is simply an MSSP that knows how to detect actual threats...”

What does this mean to your organization?

It means with an MDR you will spend less time sifting through alerts and less money on the people, technology and time to do so.

How can an MDR deliver on this promise?

A true MDR has the technology, expertise and experience to provide a complete forensic investigation, only notify the customer when true events arise and help initiate an action plan with remediation recommendations if necessary.


Issues with MSSP Alerts

  • No additional details included
  • No indication the MSSP actually investigated the alert further than reading the initial alert
  • No remediation assistance
  • Alert prone – alerts client of any and all alerts regardless of false-positive finding


Datashield Advantage

  • Forensic Investigation – Detailed investigation resulting in complete story of infection with forensic details.
  • Provide Complete Investigation Story Write-up – We share the story of this infection with the Client.
  • Notify Client (If Warranted) – Only warranted investigations are sent to the Client.
  • Provide Remediation Recommendations – Every investigation includes an action plan of how to remediate the issue.

Datashield MDR

Lack of budget coupled with a shortage of resources makes it increasingly difficult to implement a security program capable of:

  • Comprehensive 24x7x365 continuous monitoring
  • Full network visibility beyond signatures and logs
  • Real-time advanced threat detection using cyber threat intelligence
  • Active Hunting
  • Deep Forensic Analysis

Datashield's Managed Detection and Response service operates as an extension of your security team, providing the required expertise and resources to identify even the most advanced threats. The Datashield approach allows the customer to focus on validated threats only, which reduces the complexity and cost of threat detection.

Working in partnership with your business, Datashield will validate incidents, provide relevant context, investigate to determine scope and severity, and make recommendations for immediate containment and response.

Topics from this Article

Managed Detection and Response, Gartner, PDF, Managed Security Service Providers

Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

The Datashield Advantage: VMware Carbon Black

The following is a downloadable Datasheet that encapsulates Datashield's partnership with VMware Carbon Black as a premier endpoint protection platform.  It dives into the key advantages organizations receive when deploying Carbon Black and employing Datashield as a managed EDR provider.

Datshield Overview

The following is a downloadable document of Datashield's solution overview. Learn how Datashield is helping organizations create and maintain a sophisticated security strategy that stays ahead of the curve. Click to download or click here. Invest in your defense In today’s cyber security landscape, email and traditional anti-virus tools are no longer sufficient for organizations looking to defend against advanced persistent threats and targeted attacks. Datashield helps organizations create and maintain a sophisticated security strategy through our tools, processes, and team of experts.   Our Solutions Managed Detection & Response A truly resilient security strategy relies on people and management just as much as its tools and processes. Datashield employs some of the brightest minds in cybersecurity to staff its US-based SOC 2 Type-II certified facility. The security team’s expertise differentiates Datashield from its competitors.   Endpoint Detection & Response Traditional anti-virus solutions are no longer sufficient for organizations looking to defend against sophisticated attacks. Datashield deploys, tunes, and monitors endpoint protection platforms to provide greater network visibility and advanced features in a single lightweight solution.   Email Management In today’s cybersecurity landscape, email security tools are just the first line of defense against sophisticated cyber-attacks. Datashield helps clients set up and manage email security solutions, tailored to an organization’s complex needs and compliance requirements.   Vulnerability Management Discovering security infrastructure weaknesses is a critical process that is often overlooked due to budget constraints and knowledge gap. Datashield is able to provide affordable vulnerability management as a service, identifying, prioritizing and responding to threats.   Hire the best Datashield has been a leader in managed detection and response for over a decade, now backed by ADT.   People We take pride in our talented team across all departments. Our executive leadership have been long-time innovators in the cybersecurity space and our analysts are some of the brightest minds in the industry. Processes Our commitment to clients is creating powerful solutions and efficient processes. We rely on our proprietary technology, disruptive approach, and over a decade of experience to deliver world-class results to our clients. Technology Between our orchestration tool SHIELDVision, advanced SOC, and ability to integrate with a variety of industry-leading tools, we have the hardware and the software to provide advanced protection.   About Datashield Founded in 2009 Datashield, an ADT company, is one of the most tenured cyber security firms in North America. Our company provides end-to-end cyber security resilience solutions. We take the time to get to know our clients’ business needs and deliver sophisticated, tailored security solutions. Datashield has the experience and resources to efficiently and effectively set up, configure and manage virtually any SIEM appliance, email security tool, or endpoint platform--all from our US-based SOC 2 Type II-certified facility. Our partnership with ADT’s Commercial Security Services allows us to integrate and provide network security and other perimeter services. Additionally, our vendor relationships allow us to provide a wide spread of tools and features at competitive pricing.

The Packet Advantage

Click here to download the PDF