Managed Detection and Response

Stop attacks 24/7 with dedicated threat hunting, triage, investigation and response from our industry-leading Managed Detection and Response (MDR) partners.

WHY IT MATTERS

Security teams struggle to keep up with the volume of work generated by siloed threat prevention and detection tools while also trying to be proactive.

  • Security teams need help keeping up with an endless backlog of alerts

    Analysts face a deluge of alerts – 11,047 alerts a day on average. This can cause many teams to ignore low-priority alerts.

  • Organizations can’t hire and retain the seasoned analysts they need

    Faced with a shortage of over 3 million security professionals worldwide, organizations are increasingly turning to managed services to augment their SecOps team. MDR services can be deployed rapidly.

  • Focusing on endpoint alert management is not enough

    Many MDR providers only monitor endpoint activity, placing the onus of investigating attacks on customers. Look for MDR services that offer holistic detection and response across all assets.

Boost your security operation capabilities with managed detection and response (MDR).

MANAGED DETECTION AND RESPONSE

Transform your security operations from reactive to proactive, with 24/7 continuous coverage

Palo Alto Networks has teamed up with industry-leading MDR service providers to offer the most comprehensive combination of experienced analysts, mature operational processes, and market-leading security products.
  • Complete visibility across network, endpoint and cloud assets with Cortex XDR
  • Expert threat hunting and forensics from seasoned analysts using latest tools and automations to cut response times
  • Security management and tuning optimized for your unique environment with direct access to experts
  • Detection and response
  • Monitoring and triage
  • Expert security analysis
  • Dedicated, proactive threat hunting
  • Guided remediation actions

Our MDR partners

Our partners have demonstrated world-class capabilities and expertise and offer a range of offerings catered to your individual needs. Located throughout the globe, they provide proactive, always-on services to secure your business.

Trustwave

Trustwave delivers threat detection and response services that provide security teams with deep visibility and advanced security expertise to help identify and respond to advanced threats as they arise.

Regional Availability: Global

PricewaterhouseCoopers

PwC’s MDR combines proprietary threat intelligence, automation and a customized rule set of over 2,000 behavioral techniques to eliminate alert fatigue and allow for focus on truly important threats.

Regional Availability: Europe and Asia Pacific

Critical Start

CRITICAL START created the only cloud-based MDR platform purpose-built to resolve every security alert and reduce attacker dwell time, leveraging their MOBILE

Regional Availability: North America

BDO

BDO’s MDR service uses incident response methods and industry-leading technology to detect and respond to threats. This combines rule-based detection alongside the latest machine learning and automation techniques.

Regional Availability: Global

On2it

ON2IT's SOC-as-a-Service combines managed detection and response with Zero Trust-architected managed prevention and compliance services. Their in-house-developed mSOC Orchestration Platform offers deep integration with Cortex XDR.

Regional Availability: North America and Europe

7Layers

7Layers MDR delivers an extensive integration with Cortex XDR for real-time threat prevention, detection, investigation and response capabilities, providing increased visibility and comprehensive protection against today’s advanced threats. 7Layers’ professional services help tune Cortex XDR for high-fidelity threat detection across the whole environment, including network, endpoint, cloud and 3rd-party data.

Regional Availability: Europe

ADEO

ADEO’s MDR service provides 24x7 monitoring, analysis, investigation and response to security incidents. Developed by leading cyber security professionals with unmatched expertise, the service helps all organizations reduce attack dwell time by preventing breaches before they happen.

Regional Availability: Europe

Anetys

Anetys’ managed detection and response (MDR) service, powered by Cortex XDR™ by Palo Alto Networks, delivers 24/7 detection, investigation, and response against today’s most advanced threats across networks, endpoints, clouds, and third-party data. Organizations gain peace of mind and instant security maturity knowing they have a team of experts with advanced forensic and incident response experience watching over their environments around the clock.

Regional Availability: Europe

Elisa

Combining Cortex XDR and a unique Cyber Security Center, Elisa MDR provides a comprehensive cyber security solution that covers an organization's end-to-end requirements to stay ahead of today’s latest threats. We help our customers to identify cyber risks, provide solutions for preventive cyber capabilities and offer 24/7 SOC capabilities for detection, investigation, response and recovery of cyber incidents.

Regional Availability: Europe

Netsecurity

Netsecurity Secure Operations MDR is a complete service offering 24x7 threat detection, machine-speed analysis and investigation of threats and multi-layer prevention built on principles of Zero Trust that includes transparent reporting on threats affecting an environment.

Regional Availability: Europe

SpotIT

SpotIT’s MDR service, powered by Cortex XDR, provides managed detection, investigation, remediation, and incident response to threats across network, endpoint, cloud, and third-party data. SpotIT works closely with Palo Alto Networks and the Unit 42 threat research team to gain maximum detection and response capabilities from endpoints to networks (IT and OT) and clouds.

Regional Availability: Europe

Telia Cygate

Telia Cygate MDR delivers 24x7 coverage backed by world-class security professionals to help react to threats in a fast and formalized manner across network, endpoint and cloud.

Regional Availability: Europe

Optiv

Optiv's Managed Detection and Response solution delivers a proprietary methodology to detect & prioritize adversaries, hunt for adversaries, and perform comprehensive analysis with enriched context from the client’s existing technology stack. Based on the client response plan, Optiv will administer containment actions or provide detailed guidance to eradicate the threat.


NIL

To provide organizations with detection and response capabilities, NIL operates the NIL SOC, a managed detection and response (MDR) service. Using MDR services, organizations can shorten the time to detect intruders from a current world average of several months, to hours or even minutes. Such a short detection time allows for fast response to significantly limit - or entirely prevent - business loss.

Regional availability: Europe

Orange Cyberdefense

Orange Cyberdefense provides a holistic solution to threat management to address all your security needs: prevent, automatically detect, investigate, respond and adapt. OCD delivers a fully-managed, cloud cybersecurity solution for medium and large customers. Our global end-to-end solution is available in 200+ countries.

Regional availability: Global

Scitum

With more than 22 years in the market, Scitum TELMEX is the leader in cybersecurity in Latin America. We operate the main Cybersecurity and Cyberintelligence Centers, with 650+ specialists serving 1,820+ clients. We’ve built the most complete cybersecurity ecosystem in the region, with endorsements and collaborations across the community.

Regional availability: Latin America

Expel

24x7 security monitoring and response for cloud, hybrid and on-premises environments. We connect to customers’ existing security investments remotely through APIs, not agents, so our SOC can start monitoring their environment in a matter of hours, letting their teams get back to focusing on strategic priorities.

Regional availability: Global

Driven Technologies

Driven Technologies’ MDR solution enhances our SOC-as-a-Service 24/7/365 eyes on glass service, utilizing technology, human analysis, and AI to expand the circle of security, leveraging a larger pool of threat forensics to expand the probability of positive outcomes in response to current threats as well as those in the future.


KHIPU Networks

KHIPU offers flexible MDR services to meet organizations’ unique requirements, environments and priorities. Ranging from continuous alerting and notification only, to root cause analysis, response and mitigation – whatever the requirement is, our SOC MDR service platform can deliver what our customers need.

Region availability: Global

Telefónica Tech

Telefónica Tech is a leading intelligent cybersecurity and managed security services provider that offers best-in-class prevention, detection, automation and response capabilities. Telefónica Tech’s turnkey MDR service helps modern organizations to extend their detection and response operations by allowing them to offload the efforts of 24x7 alert monitoring, proactive threat hunting, and incident response, backed by Telefónica’s fixed technology stack.

Region availability: Global

Infoguard

InfoGuard's Cyber Defence Services combine high-level expertise and the latest technology such as Cortex XDR with the years of experience of our security experts and threat analysts. The Swiss Cyber Security Expert provides real-time threat prevention, detection, investigation and response, providing greater visibility and comprehensive protection against today's modern threats. With technology support and the CDC governance, InfoGuard’s CDC is able to respond immediately to a cyber-attack to disrupt the attack chain and prevent damage from adversaries.

Region availability: EMEA

Subscuto

Decades of field experience in cyber security operations, outstanding incident response and malware analysis skills, and the world’s most comprehensive XDR and SOAR platform – aiming to reduce your cyber risks through effective, business aligned, 24/7 managed detection and response service, delivered by the alliance of Palo Alto Networks and Subscuto.

Region availability: EMEA

NTT Data

Threats are becoming more and more sophisticated. Anti-malware solutions can no longer guarantee protection without proper management, tuning and monitoring. NTT DATA zenSOC uses the most powerful technologies and includes the highest level of skills in threat defense.

Region availability: Italy

Net Consulting Ltd

The Net Consulting MDR service, based in the UK, provides real-time detection and response capabilities, backed by 24/7 automation and designed to protect organizations’ processes and digital assets against cyber threats. The service can be tailored for businesses of any size, but Net Consulting specializes in delivering MDR services into mid-market organizations. Net Consulting’s team of security analysts monitor networks, users, devices and data to detect and respond to risks from ‘Floodlight,’ a UK sovereign SOC powered by Cortex XDR and Cortex XSOAR. The company also operates a UK Government classified List X site, in support of their defense practice.

Coverage region: Europe

Why Choose Our Partners for Managed Detection and Response?

Augment Your Team with Cortex XDR Experts

Our hand-picked MDR partners let you instantly scale your SecOps team to defend against fast-moving threats. They provide you 24/7, year-round alert management, threat investigation, incident response and threat hunting. Their decades of experience mean expert deployment and fine-tuning of Cortex XDR for each environment, enabling you to mature your security operations in days, not years.

  • Rapid Deployment

    Setting up an effective detection and response program is easier with a helping hand. Our industry-leading partners offer deployment assistance, guidance and continuous monitoring to ensure your business stays safe.

  • Immediate Response

    Get relief from the daily panic. Specialized MDR providers apply their in-depth hunting and forensics knowledge to identify and contain threats before they become a breach.


Protect All Your Assets with Complete Visibility

To stop modern attacks, you need to think beyond the endpoint. Many of our partners can manage all your alerts – including endpoint, network and cloud alerts – from a single pane of glass. Even if you start with just endpoint data, you can expand your MDR services to all data sources in the future.

  • Full Coverage

    Because many of our MDR partners offer detection and response across all your data, they can understand the full scope of an incident to root out adversaries and keep them out.

  • Consolidated Services

    Many of our MDR partners deliver a broad portfolio of managed security services. Rather than selecting a vendor’s limited MDR service, opt for a partner that can address all your service needs and lower your costs.


Augment Your Team with Dedicated Unit 42 Threat Hunters

Managed Threat Hunting from Palo Alto Networks offers 24/7 monitoring from seasoned hunters to discover attacks anywhere in your organization. Our threat hunters work on your behalf to discover advanced threats, such as state-sponsored attackers, cybercriminals, malicious insiders and malware.

  • Advanced hunting

    Gain peace of mind with world-renowned hunters combing your security data for emerging threats.

  • Expert assistance

    Get answers to questions and receive guidance about findings revealed in Threat, Inquiry and Impact Reports.


Cortex XDR: Managed Detection and Response Services

Cortex XDR | With MDR Services

  • Automated threat prevention

    Automated blocking of malware, exploits, ransomware and fileless attacks

  • Comprehensive detection across all data

    Behavioral analytics, correlation rules, incident management and root cause analysis of alerts from any source

  • Coordinated response

    Live Terminal, Search and Destroy, script execution, host restore, quarantine, isolation, blocking and more

  • Dedicated, proactive threat hunting

    Round-the-clock manual and semi-automated hunting powered by threat intelligence and playbooks

    Cortex XDR: Optional Managed Threat Hunting Service

  • Monitoring and investigation of alerts

    Alert triage and focused incident analysis by experts

  • Guided remediation actions

    Step-by-step instructions for containment and recovery; optional remediation by MDR partners

  • Direct access to analysts

    Contact cybersecurity experts to get answers to urgent questions.

Check out the latest 5-star feedback from the Gartner user community

“Cortex XDR provides great protection while providing a wealth of data about endpoints.”

Security Analyst, retail industry

“The Cortex XDR agent is the best on the market for attacks.”

Automation Manager, manufacturing industry

“Happy we switched from CrowdStrike Falcon to Cortex XDR!”

IT Operations Manager, manufacturing industry
