Detect & Respond

Staying ahead of Cyber threats

We protect our clients against cyber threats by advising on, implementing, and/or operating capabilities designed to detect and respond to security incidents across IT, OT, and cloud environments.

Our Detect & Respond capability supports organisations through a number of technical service offerings that are key to creating visibility of the threats the organisation faces, and to responding to those threats in a timely manner. We can support you in building or further expanding this capability within your organisation through three delivery models:

  • Advise: Our experts assess your current capabilities to detect and respond to cyber threats and advise on how to further improve your cyber defenses.
  • Implement: We can drive the implementation of technical solutions such as EDR and SIEM from the most common vendors, up to building a complete Security Operations Center, in which we focus not only on technology but also on people and processes.
  • Operate: We can support clients who need a SOC without having to invest in building one themselves. Our Operate delivery model provides SOC-as-a-Service, which removes the burden of investing in technology and of recruiting and training sufficient staff to run these services.

Our services/solutions

1. Managed Security Monitoring

One of the biggest challenges in security is the large volume of security events generated by numerous security systems and the limited staff available to act upon them. With our Managed Security Monitoring services we put technology to work to aggregate and correlate security events, and our Security Operations Center to manage those solutions and act upon the incidents the technology raises. Our clients receive triaged, actionable incidents from our SOC, which saves them time and lets them focus on the incidents that require their attention.

  • Security Information and Event Management (SIEM):

A SIEM has traditionally been the go-to solution for event correlation. Our experts can help your organisation choose the right type of technology, assist with use case design, or provide a fully managed 24/7 service in which we onboard your security systems, apply relevant use cases to detect threats, and triage the incidents generated before escalating them to your security team.

  • Managed Detection & Response (MDR):

Our MDR service relies on technologies such as Endpoint Detection & Response (EDR), Network Detection & Response (NDR) or Extended Detection & Response (XDR).

EDR is agent based and is typically rolled out on all end user devices and servers to create visibility on the endpoint, while NDR detects anomalies within the network based on traffic captured from a network tap. XDR is a solution that bridges EDR and NDR and provides SIEM-like coverage without the complexity of a SIEM.
Our 24/7 services include the implementation, management and operation of these solutions, as well as triaging and responding to threats to ensure that your environment stays secure at all times.
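As an added example (not Deloitte's code and not any particular SIEM's rule language), the following Python script shows what the "aggregate, correlate, triage" cycle described above looks like in practice for one security system. It parses a handful of constructed SSH authentication log lines, aggregates them by source address, and applies two typical SIEM use cases: a brute-force rule (a run of failed logins followed by a successful one from the same source) and a password-spray rule (failures against many distinct accounts from one source within a short window). Each incident is emitted with a severity so that what reaches the security team is already triaged. The thresholds, window size and log format are assumptions chosen for the example.

```python
"""SIEM-style correlation of authentication events (added example).

The log lines, the regex, the thresholds and the severity mapping are all
assumptions made for this example; a production SIEM would use its own
parsers and tuned, per-environment thresholds.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data): one brute force that succeeds,
# one password spray across three hosts, and one benign typo-then-login.
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z srv01 sshd: Failed password for alice from 203.0.113.5
2024-05-01T10:00:03Z srv01 sshd: Failed password for alice from 203.0.113.5
2024-05-01T10:00:05Z srv01 sshd: Failed password for alice from 203.0.113.5
2024-05-01T10:00:07Z srv01 sshd: Failed password for alice from 203.0.113.5
2024-05-01T10:00:09Z srv01 sshd: Failed password for alice from 203.0.113.5
2024-05-01T10:00:12Z srv01 sshd: Accepted password for alice from 203.0.113.5
2024-05-01T10:05:00Z srv02 sshd: Failed password for bob from 198.51.100.7
2024-05-01T10:05:02Z srv02 sshd: Failed password for carol from 198.51.100.7
2024-05-01T10:05:04Z srv03 sshd: Failed password for dave from 198.51.100.7
2024-05-01T10:05:06Z srv03 sshd: Failed password for erin from 198.51.100.7
2024-05-01T10:05:08Z srv01 sshd: Failed password for frank from 198.51.100.7
2024-05-01T11:30:00Z srv01 sshd: Failed password for alice from 192.0.2.9
2024-05-01T11:30:30Z srv01 sshd: Accepted password for alice from 192.0.2.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<outcome>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<src>\S+)$"
)


def parse_events(text):
    """Normalise raw lines into event dicts; unparsable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # a real SIEM would route these to a parse-failure queue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return events


def correlate(events, window=timedelta(minutes=5), fail_threshold=5, spray_users=4):
    """Aggregate events per source address and apply the two use cases.

    Returns a list of triaged incidents, each a dict with rule, severity,
    src and the evidence that fired the rule.
    """
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)

    incidents = []
    for src, evs in by_src.items():
        fails = [e for e in evs if e["outcome"] == "Failed"]
        successes = [e for e in evs if e["outcome"] == "Accepted"]

        # Use case 1: brute force. A success preceded, within the window,
        # by at least fail_threshold failures from the same source. The
        # successful login is what makes this high severity.
        for s in successes:
            recent = [f for f in fails if s["ts"] - window <= f["ts"] < s["ts"]]
            if len(recent) >= fail_threshold:
                incidents.append({
                    "rule": "brute_force_success",
                    "severity": "high",
                    "src": src,
                    "user": s["user"],
                    "hosts": sorted({f["host"] for f in recent} | {s["host"]}),
                    "failures": len(recent),
                })
                break  # one incident per source, not one per success

        # Use case 2: password spray. Failures against many distinct
        # accounts from one source inside a sliding window, across any hosts.
        for f in fails:
            in_window = [g for g in fails if f["ts"] <= g["ts"] <= f["ts"] + window]
            users = {g["user"] for g in in_window}
            if len(users) >= spray_users:
                incidents.append({
                    "rule": "password_spray",
                    "severity": "medium",
                    "src": src,
                    "users": sorted(users),
                    "hosts": sorted({g["host"] for g in in_window}),
                    "failures": len(in_window),
                })
                break
    return incidents


def triage(text):
    """Parse then correlate; this is the function a SOC pipeline would call."""
    return correlate(parse_events(text))


if __name__ == "__main__":
    for inc in triage(SAMPLE_LOGS):
        print(f"[{inc['severity'].upper()}] {inc['rule']} from {inc['src']}: {inc}")
```

Only two incidents come out of thirteen raw events; the single failed login from 192.0.2.9 followed by a success is below every threshold and is correctly not escalated. That reduction from raw events to a short, severity-ranked list is the value the SOC delivers, and the thresholds are where the use case design work mentioned above happens: too low and the team drowns in noise, too high and a slow, patient spray goes unseen.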

2. SOC support

A well-oiled SOC requires sufficient staff to operate it. These profiles are hard to attract and even harder to retain. We can support your SOC by providing temporary or permanent trained and experienced staff, allowing your SOC to allocate more time to the things that matter.

Modern cyber defenses rely on actionable cyber threat intelligence in order to be able to respond to emerging threats. At Deloitte we have created a CTI service which delivers organisation-specific threat intelligence, technical Indicators of Compromise and/or sector-wide threat reports.

Resolving a cyber incident requires a structured approach performed by an experienced team. At Deloitte we can bring both to help you in a time of need by assembling a team of experts with relevant knowledge of your environment.

Our Incident Response Retainer relieves our clients of having to contract a provider in a time of need and assures them that a team will be available within an agreed timeframe.