Security Incident Response

If you think you have or know you have a Security Incident please fill in the form and our experienced Onevinn CSIRT team will reach out shortly.
The team has long experience in supporting customers in Incident Response and Compromised Recovery.
Keep calm and we will be with you shortly!

Jakob Türk 20 Jun 2022
2 min

MDR Governance

MDR Governance, better customer security posture.

What is MDR Governance? 

Managed Detection and Response (MDR) entails the outsourcing of cybersecurity to a third party for the purpose of protecting an organization where time and scope would otherwise not allow. This is often achieved by utilizing a mix of automated, reactive, and proactive responses to threats, including threat intelligence, 24/7 monitoring, and incident response – all carried out by a team of experienced security analysts. 

For the MDR service to have maximum efficacy for a customer, governance is critical. In brief, Onevinn’s MDR governance consists of regular meetings where the MDR governance lead briefs the customer on needs, vulnerabilities, and how the global security climate affects the company’s security posture. These briefings include recommendations on how to improve security posture, findings by threat hunters, and a summary of the MDR team’s developments since the last meeting.  

The meetings are a way for the customer’s organization to see what needs to be improved, get a direct link to their security provider, and gain insight on what’s being done to ensure their ongoing safety from digital threats. 


Why MDR Governance? 

Industry best practices and empirical knowledge  

MDR governance allows the MDR service to function to its fullest potential, working proactively and systematically towards achieving the collaborative goal for both the MDR team and the customer. Goals are agreed upon, and the regular meetings lets those goals and priorities be corrected and adjusted to fit the current and future needs, and to ensure efficacy. 

By maintaining MDR governance, Onevinn perfects both our availability to the customer, and our ability to presenting findings and data directly and without noise. It makes the flow of information between the two parties substantially more fluent, which in turns increases the efficacy of the product itself – resulting in better overall security posture. 

A system which encourages communication will always trump one which works within neutral, rigid boundaries. Flexibility and adaptation are key components that MDR governance seeks to emphasize and is part of why it makes MDR invaluable as a service. 

In short: we work together to maximize efficiency without noise. 

How MDR Governance?

Proactive work and Microsoft suite integrations 

A key benefit of MDR governance is the inclusion of continual service improvement (CSI) strategies. By accessing and analyzing customer software inventory via Microsoft security suites, we can aid in the continual strengthening of their environment by implementing (or enhancing established) attack surface reduction and increasing the efficacy of active resources. This is done by assessing the current vulnerabilities associated with the customer’s software and hardware inventories and providing insight into high impact changes that strengthen their security posture, as well as providing security recommendations to the customer’s software and rights management. shutterstock_600760271

Together with our customer we create an action plan with the necessary steps required to reach the fullest potential of their current environment. Our goal is to give the insight and aid needed to harden the customer’s infrastructure and ensure the availability of necessary information to allow for sound decisions regarding information security.  

A direct effect of the MDR governance provides the customer and their organization with an increased security and risk awareness, as customers receive a more wholistic view of the threat landscape and their place in relation to risks and threats. A better security awareness – as a result of long term MDR Governance – means amplification of security posture over time, beyond immediate fixes and remediations, and makes the customer more likely to tackle shifts in the threat climate long term. 

Read more about:  Onevinn MDR   and Threat Hunting