eXtended Managed Detection and Response

Stop attacks 24/7 with dedicated threat hunting, triage, investigation and response from our industry-leading eXtended managed detection and response (XMDR) partners

WHY IT MATTERS

Security teams struggle to keep up with the volume of work generated by siloed threat prevention and detection tools while also trying to be proactive.

  • Security teams need help keeping up with an endless backlog of alerts

    Analysts face a deluge of alerts – 11,047 alerts a day on average. This can cause many teams to ignore low-priority alerts.

  • Organizations can’t hire and retain the seasoned analysts they need

    Faced with a shortage of over 3 million security professionals worldwide, organizations are increasingly turning to managed services to augment their SecOps team. MDR services can be deployed rapidly.

  • Focusing on endpoint alert management is not enough

    Many MDR providers only monitor endpoint activity, placing the onus of investigating attacks on customers. Look for MDR services that offer holistic detection and response across all assets.


Boost your security operations capabilities with eXtended managed detection and response (XMDR)

Learn more

EXTENDED MANAGED DETECTION AND RESPONSE

Transform your security operations from reactive to proactive, with 24/7 continuous coverage

Palo Alto Networks has teamed up with industry-leading XMDR service providers to offer the most comprehensive combination of experienced analysts, mature operational processes, and market-leading security products.
  • Complete visibility across network, endpoint and cloud assets with Cortex XDR
  • Expert threat hunting and forensics from seasoned analysts using the latest tools and automations to cut response times
  • Security management and tuning optimized for your unique environment with direct access to experts
  • Detection and response
  • Monitoring and triage
  • Expert security analysis
  • Dedicated, proactive threat hunting
  • Guided remediation actions

Our XMDR partners

Our partners have demonstrated world-class capabilities and expertise and offer a range of services tailored to your individual needs. Located throughout the globe, they provide proactive, always-on services to secure your business.

Trustwave

Trustwave delivers threat detection and response services that provide security teams with deep visibility and advanced security expertise to help identify and respond to advanced threats as they arise.

Learn more

Regional Availability: Global

Visit their site

PricewaterhouseCoopers

PwC’s MDR combines proprietary threat intelligence, automation and a customized rule set of over 2,000 behavioral techniques to eliminate alert fatigue and allow for focus on truly important threats.

Visit their site

Regional Availability: Europe and Asia Pacific

Critical Start

CRITICAL START created the only cloud-based MDR platform purpose-built to resolve every security alert and reduce attacker dwell time, leveraging their MOBILE

Visit their site

Regional Availability: North America

BDO

BDO’s MDR service uses incident response methods and industry-leading technology to detect and respond to threats. This combines rule-based detection alongside the latest machine learning and automation techniques.

Visit their site

Regional Availability: Global

On2it

ON2IT's SOC-as-a-Service combines managed detection and response with Zero Trust-architected managed prevention and compliance services. Their in-house-developed mSOC Orchestration Platform offers deep integration with Cortex XDR.

Visit their site

Regional Availability: North America and Europe

7Layers

7Layers MDR delivers an extensive integration with Cortex XDR for real-time threat prevention, detection, investigation and response capabilities, providing increased visibility and comprehensive protection against today’s advanced threats. 7Layers’ professional services help tune Cortex XDR for high-fidelity threat detection across the whole environment, including network, endpoint, cloud and 3rd-party data.

Learn more

Regional Availability: Europe

Visit their site

Elisa

Combining Cortex XDR and a unique Cyber Security Center, Elisa MDR provides a comprehensive cyber security solution that covers an organization's end-to-end requirements to stay ahead of today’s latest threats. We help our customers to identify cyber risks, provide solutions for preventive cyber capabilities and offer 24/7 SOC capabilities for detection, investigation, response and recovery of cyber incidents.

Learn more

Regional Availability: Europe

Visit their site

Orange Cyberdefense

Orange Cyberdefense provides a holistic solution to threat management to address all your security needs: prevent, automatically detect, investigate, respond and adapt. OCD delivers a fully-managed, cloud cybersecurity solution for medium and large customers. Our global end-to-end solution is available in 200+ countries.

Visit their site

Regional availability: Global

Scitum

With more than 22 years in the market, Scitum TELMEX is the leader in cybersecurity in Latin America. We operate the main Cybersecurity and Cyberintelligence Centers, with 650+ specialists serving 1,820+ clients. We’ve built the most complete cybersecurity ecosystem in the region, with endorsements and collaborations across the community.

Visit their site

Regional availability: Latin America

Solution brief

KHIPU Networks

KHIPU offers flexible MDR services to meet organizations’ unique requirements, environments and priorities. Ranging from continuous alerting and notification only, to root cause analysis, response and mitigation – whatever the requirement is, our SOC MDR service platform can deliver what our customers need.

Visit their site

Region availability: Global

Solution brief

Telefónica Tech

Telefónica Tech is a leading intelligent cybersecurity and managed security services provider that offers best-in-class prevention, detection, automation and response capabilities. Telefónica Tech’s turnkey MDR service helps modern organizations to extend their detection and response operations by allowing them to offload the efforts of 24x7 alert monitoring, proactive threat hunting, and incident response, backed by Telefónica’s fixed technology stack.

Visit their site

Region availability: Global

Learn more

Infoguard

InfoGuard's Cyber Defence Services combine high-level expertise and the latest technology such as Cortex XDR with the years of experience of our security experts and threat analysts. The Swiss Cyber Security Expert provides real-time threat prevention, detection, investigation and response, providing greater visibility and comprehensive protection against today's modern threats. With technology support and the CDC governance, InfoGuard’s CDC is able to respond immediately to a cyber-attack to disrupt the attack chain and prevent damage from adversaries.

Visit their site

Region availability: EMEA

SENTRIA by NETDATA

Sentria™ is a managed detection and response service integrated with technologies across Palo Alto Networks platforms to power up your SecOps team 24/7 and help them anticipate cyberattacks in the cloud, hybrid, and on-premises environments. Merging Netdata expertise with Palo Alto Networks and relentless customer service, we're redefining how security services are delivered.

Coverage region: Latin America and North America

Visit their site

Norlem

Norlem is an organization laser focused on cybersecurity. Rather than try to solve an unmanageable array of technology challenges, we channel all of our energy towards delivering the most competent level of cybersecurity service possible. Our origin and ongoing culture is engineering first, engineering last. This has led us to a different approach regarding how we form new customer partnerships; we earn them by demonstrating deep expertise in the technologies that we believe to be the best.

Region availability: North America

Visit their site

PricewaterhouseCoopers Tecnologia da Informação Ltda

PwC’s Managed Detection and Response service helps clients secure their network, improve threat visibility and reduce response time to minutes. The service, named “Managed Cyber Defence”, is a tech and automation ecosystem that exponentially improves the ability to gain visibility and process complex security telemetry.

Region availability: Brazil and Latam

Visit their site

ADEO

ADEO’s MDR service provides 24x7 monitoring, analysis, investigation and response to security incidents. Developed by leading cyber security professionals with unmatched expertise, the service helps all organizations reduce attack dwell time by preventing breaches before they happen.

Regional availability: EMEA

Website

LinearStack

LinearStack's MDR service is designed for organisations that want to strengthen their cybersecurity posture but do not have the time and resources to manage all their security operations in-house. At LinearStack we’ve combined Cortex XDR with our 360-degree approach to cyberdefence to ensure our SOC works at pace to investigate, respond to and hunt for advanced stealthy threats 24x7x365. By working with an established SOC you can expect LinearStack to onboard, tune, and operationalise Cortex within weeks, bolstering your cyberdefences faster and leaving your team free to focus on strategic projects.

Regional availability: APAC

Website

Datashield

Datashield is a 24x7 Managed Detection and Response provider that is an independently operated, wholly owned subsidiary of ADT. Datashield has been an industry-recognized MDR provider for over ten years. Datashield delivers its services through a transparent co-managed model with customers ranging from 50 to 85,000 employees in a wide variety of industries across 4 continents.

Regional availability: Global

Website

Netsecurity

Netsecurity 24/7 MDR services consist of a SOC that actively uses automation tools (XSOAR) and playbooks. Combined with a working IRT team, we can do forensics based on incidents from various sources such as endpoints, firewalls, cloud services, SIEM tools, etc. The incidents are mapped to the MITRE ATT&CK® framework to classify the type of incident and where in the attack chain the incident is detected. Mapping incidents to MITRE ATT&CK® enables the platform to quickly identify where in the attack kill chain an incident was discovered. The result is a quick and reliable response back to the customer environment through API integrations.

Region: Nordics

Website

Data Equipment

Data Equipment's turnkey MDR service helps organizations with detection and response operations by allowing them to offload the efforts of 24/7 alert monitoring, proactive threat hunting and incident response. Our MDR service extends from protecting endpoints to network and public cloud, utilizing Palo Alto Networks XDR and security automation tools in addition to our purpose-built technology stack, skilled resources and processes.

Region: Nordics

Website

NVISO

NVISO’s 24x7 Managed Detection & Response offering is based on Cortex XDR and XSOAR technology. Leveraging this industry-leading technology, our experienced experts can support customers through the entire cyber security incident lifecycle. The NITRO platform supports NVISO’s Managed Services and allows us to integrate a variety of security solutions to enable efficient orchestration, automation and response.

NVISO is a European company with offices in Brussels, Frankfurt and Munich employing around 150 cyber security experts.

Region: Europe

Website

Conscia

Conscia's 24/7 MDR services are based at NIL (Part of Conscia) with local cyberdefense team representation. Conscia’s turnkey MDR services can be tailored to your organization, and deeply integrated with all Palo Alto Networks technologies, whereby XSOAR is the orchestration and automation engine for all services.

The service includes, among other capabilities: alert monitoring on many platforms, proactive threat hunting and incident response.

Region: Europe

Website

TATA CONSULTANCY SERVICES

Tata Consultancy Services is an IT services, consulting and business solutions organization that has been partnering with many of the world’s largest businesses in their transformation journeys for over 50 years. TCS offers a consulting-led, cognitive powered, integrated portfolio of business, technology and engineering services and solutions. This is delivered through its unique Location Independent Agile™ delivery model, recognized as a benchmark of excellence in software development.

Regional Availability: Global

Website

Driven Technologies

Driven Technologies' 24/7 MDR services leverage a powerful automation tool (Cortex XSOAR) as the nucleus of our SOC, and can ingest alerts from multiple sources such as SIEM, EDR, vulnerability management tools, and cloud services. With a platform built to leverage the MITRE ATT&CK framework, Driven's threat intelligence feeds allow our SOC analysts to improve threat hunting and create high-fidelity alerts which drastically reduce noise and alert fatigue that many SOC operations struggle with. Driven Technologies' platform also provides enhanced business intelligence with our Cyber Risk Scorecard, creating unprecedented visibility into improvements of an organization's security posture.

Regional Availability: North America

Website

Why Choose Our Partners for eXtended Managed Detection and Response?

Augment Your Team with Cortex XDR Experts

Our hand-picked XMDR partners let you instantly scale your SecOps team to defend against fast-moving threats. They provide you 24/7, year-round alert management, threat investigation, incident response and threat hunting. Their decades of experience mean expert deployment and fine-tuning of Cortex XDR for each environment, enabling you to mature your security operations in days, not years.

  • Rapid Deployment

    Setting up an effective detection and response program is easier with a helping hand. Our industry-leading partners offer deployment assistance, guidance and continuous monitoring to ensure your business stays safe.

  • Immediate Response

    Get relief from the daily panic. Specialized XMDR providers apply their in-depth hunting and forensics knowledge to identify and contain threats before they become a breach.


Protect All Your Assets with Complete Visibility

To stop modern attacks, you need to think beyond the endpoint. Many of our partners can manage all your alerts – including endpoint, network and cloud alerts – from a single pane of glass. Even if you start with just endpoint data, you can expand your MDR services to all data sources in the future.

  • Full Coverage

    Because many of our XMDR partners offer detection and response across all your data, they can understand the full scope of an incident to root out adversaries and keep them out.

  • Consolidated Services

    Many of our XMDR partners deliver a broad portfolio of managed security services. Rather than selecting a vendor’s limited MDR service, opt for a partner that can address all your service needs and lower your costs.


Augment Your Team with Dedicated Unit 42 Threat Hunters

Managed Threat Hunting from Palo Alto Networks offers 24/7 monitoring from seasoned hunters to discover attacks anywhere in your organization. Our threat hunters work on your behalf to discover advanced threats, such as state-sponsored attackers, cybercriminals, malicious insiders and malware.

  • Advanced hunting

    Gain peace of mind with world-renowned hunters combing your security data for emerging threats.

  • Expert assistance

    Get answers to questions and receive guidance about findings revealed in Threat, Inquiry and Impact Reports.


Cortex XDR: eXtended Managed Detection and Response Services

Cortex XDR With XMDR Services
  • Automated threat prevention
    Automated blocking of malware, exploits, ransomware and fileless attacks
  • Comprehensive detection across all data
    Behavioral analytics, correlation rules, incident management and root cause analysis of alerts from any source
  • Coordinated response
    Live Terminal, Search and Destroy, script execution, host restore, quarantine, isolation, blocking and more
  • Dedicated, proactive threat hunting
    Round-the-clock manual and semi-automated hunting powered by threat intelligence and playbooks
    Optional Managed Threat Hunting Service
  • Monitoring and investigation of alerts
    Alert triage and focused incident analysis by experts
  • Guided remediation actions
    Step-by-step instructions for containment and recovery; optional remediation by MDR partners
  • Direct access to analysts
    Contact cybersecurity experts to get answers to urgent questions.
Check out the latest 5-star feedback from the Gartner user community

“Cortex XDR provides great protection while providing a wealth of data about endpoints.”

Security Analyst, retail industry

Read the review

“The Cortex XDR agent is the best on the market for attacks.”

Automation Manager, manufacturing industry

Read the review

“Happy we switched from CrowdStrike Falcon to Cortex XDR!”

IT Operations Manager, manufacturing industry

Read the review