Managed Detection & Response

CI Security’s people leverage purpose-built technology to defend critical systems that save lives.

Critical Insight™ MDR reduces threat dwell time from months to minutes.

The Critical Insight Managed Detection and Response platform receives logs from our on-premises collector, from the cloud, or hybrid environments. Our best-in-class technology then prioritizes alerts to send to the Critical Insight Expert Analysts for investigation in the security operations centers.

“By fusing machine with human intelligence, CI Security provides both the technology and security analyst talent to encompass a complete Managed Detection and Response solution.”
Herbert Fritch, Founder
Cigna-Healthspring

Monitor your networks with a team of US-based threat hunters

CI Security’s Critical Insight Analysts watch networks for threats all day and night, every day of the year from the redundant Security Operations Centers in the United States. They find intrusions within two hours, investigate them fully and report them for action, when necessary. If an intrusion occurs, the Critical Insight Success Engineer makes urgent contact with an incident action plan, ready to collaborate and execute to eliminate the issue.

“Having a team of trained professionals acting as a last line of defense will let our managing partner sleep well at night and keep us from ever having to send a letter to all of our clients apologizing for our lack of vigilance.”
Greg Olschwang, IT Director
Ryan, Swanson & Cleveland, PLLC

Save your IT team hours of work per week.

Threat monitoring and investigation done right for a medium-sized organization should take 10-20 hours per week. One hospital CIO told us his team spends 40 hours per week doing it. CI Security takes the burden off, investigating alerts fully so you are not spending your time on false positives. With Critical Insight MDR, the IT team gets back to the job they were hired to do, and the threat investigations get thorough and expert attention.

“We are more confident, especially on the weekend and after hours, that an outbreak will be caught fast. Our team has better work/life balance now that we have CI Security.”
Information Security Manager
School District Client

End the security employee hiring & training hassle.

Qualified security professionals are in high demand, with 350,000 open jobs in cybersecurity, according to the US Government. Once organizations find the right people, keeping them is a struggle. The cost of hiring, training, and retaining is growing every year. CI Security has solved that people-problem at scale, sourcing employees through an innovative program called PISCES that helps teach cybersecurity in colleges. We grow and train our own so you don’t have to.

  • Protect Your Data

    Trained analysts monitor your network for issues, reducing the impact of a potential breach.

  • Agentless System

    Monitor your existing OT, IoT, or traditional infrastructure without the need for endpoint agents.

  • Extend Your Investments

    Capitalize on security investments, including endpoint, firewall, & behavioral analytics technologies.

  • Source Data Agnostic

    Monitor anything that security systems produce, whether on-premises, in a remote office, or in the cloud.

Advantages of Critical Insight MDR

  • Detect and Respond

    Advanced Threat Detection

  • Cloud MDR

    Monitor Cloud & Hybrid Environments

  • On-premises MDR

    On-Premises Packet Capture

  • PII & PHI

    Separate Metadata from PII & PHI

  • SOC 2 Certification

    SSAE-18 SOC 2 Type II Examined

  • Customer Portal

    Interactive Customer Portal

  • IAP

    Customized Incident Action Plans

  • Use existing technology

    No New Technology Requirements

  • Network Tests

    Network Security Testing

  • PCI Compliance

    PCI-DSS Readiness

Real people hunt for threats, investigate them, and respond with incident action plans.

Every customer has a dedicated advocate in the Security Operations Centers—the Critical Insight Success Engineer—who has a deep understanding of the customer’s specific needs and assets. They serve as the central communication point while a team of Critical Insight Analysts investigate threats and evaluate the need for an IAP.

  • Solving the people problem

    Our team includes experienced Security Analysts with decades of military, government, healthcare, and private sector experience.

  • Investigations and IAPs

    Alerts and incidents go through full, expert investigations. When action is required, we provide clear & complete Incident Action Plans with post-incident monitoring & recovery assistance.

  • Critical Insight SOCs

    CI Security performs annual Type 2 SOC 2 examinations for multiple Security Operations Centers and provides continuity of service, even in the event of a natural disaster.

  • Protecting privacy

    Packet capture remains behind your firewall, with only metadata sent—fully encrypted—to the Critical Insight Data Center, keeping PHI/PII on-premises.

CI Security Managed Detection and Response integrates seamlessly into your existing architecture.

The Critical Insight Managed Detection and Response platform receives logs from our on-premises collector, the cloud, or hybrid environments. Our best-in-class technology then prioritizes alerts to send to the Critical Insight Expert Analysts for investigation in the security operations centers.

  • On-Premises

    Packet capture on the Critical Insight Collector with network-based ingest, creating full visibility including IoT, plus Syslog and NetFlow for additional context.

  • AWS

    Detailed audit logs through CloudTrail, events retrieved through CloudWatch, and alerts sent by AWS GuardDuty.

  • Azure

    Logs from Blob storage from MS Graph API & Azure Event Hubs and events in Azure services.

  • Office 365

    Logs & alerts using Microsoft Cloud Application Security (MCAS) and user behaviors in O365 applications.

Our expert analysts can take a proactive stance on your network to rapidly quarantine threats before they can attack and fully compromise the system.

Our Critical Insight Success Team works directly with organizations to set up a detailed “playbook” that outlines when and how the analysts can intervene during an active cyber threat. If a threat emerges, CI Security can log into network switches and disable individual ports or the entire switch. The team also has the ability to disable network user accounts.

  • Detailed Network Diagram

    The first step is to fully understand your network and how everything is connected, so that the team knows what devices are attached to a port.

  • Comprehensive Playbook

    By clearly outlining when analysts can quarantine with and without approval, as well as when not to quarantine a threat, we ensure that your system will be minimally impacted in the event of a cybersecurity incident.

Add a full-service security and compliance suite to your existing infrastructure.

  • Detect & Respond

    Managed Detection & Response

    Critical Insight Security Analysts monitor anything that your security systems produce, whether on-premises, in a remote office, or in the cloud.

  • Continuous scanning

    Continuous Vulnerability Identification

    Set up custom scans on your network at the frequency that you choose, eliminating the risk of waiting for next year’s scan.

  • Log Management

    Log Management

    Manage log collection for AWS and on-premises networks. Your logs are encrypted, hashed, and securely stored for the amount of time you need.


Real people hunt for threats, investigate events, and respond with incident action plans.
