Ontinue driving the next evolution of MDR with AI

Driven to define the next evolution of Managed Detection and Response (MDR) for its partners all around the world, Ontinue ION AI-Powered MXDR expertly blends the best of managed extended detection and response — as well as assessment and prevention — into a service specifically designed for Microsoft security customers.

“We specialise in customers who are leveraging a lot of Microsoft security technology,” comments Tom Corn, Ontinue’s Chief Product Officer. “We have a unique process that isn't just about reactive detection and response, but about constantly improving companies' security posture, in what we call a proactive reactive service.”

When outsourcing security to MDR players, understanding the client's control stack poses challenges. While MDR providers may offer expert security support around the clock, the crucial factor is their comprehension of the client's unique environment. To go beyond basic alerts, effective investigation and response necessitate a deep understanding of the company's assets, architecture, and operational constraints. Without this understanding, constant inquiries to the client's IT and security teams can result in suboptimal responses.

As Corn explains, Ontinue was started by a group of data scientists with the idea of applying AI to MDR in a unique way. “We are doing something quite different here, where we're applying AI to understanding the customer and the environment we're defending, their operational constraints, and how the defenders have to work in their environment. This allows us to solve that problem of how to understand the environment quickly, deeply, and then localise the solution for a customer.”

Ontinue has also innovated with its interaction model. "We started with the premise that the world doesn't need another management console," say Corn. Instead, Ontinue built its interface into Microsoft Teams, so customers and Ontinue defenders collaborate in a shared channel, taking advantage of Teams capabilities they're already using during the workday. By doing this, we look, feel and act like a true extension of our customers' teams.

“We've specialised more deeply in customers who are using the Microsoft security stack. This has allowed us to do very deep things that you just don't see from other places because we've really specialised.

Corn explains that customers get a real-time view of their Microsoft Sentinel data costs through Ontinue ION — so they can react quickly when costs change. Customers get a much more predictable view of data costs, and they can identify the Sentinel data that adds the most value.

“Our Cyber Advisors also help customers not only understand what they are spending, but also the security value of what they are spending that money on. This way they can make more informed decisions about how to curtail costs.

“These dimensions - AI, the interaction model, and how we can go deeper with Microsoft than anyone really can - are relevant for not just where we are today, but where a lot of the future lies, in terms of really doing some new things, and breaking new ground, in the MDR space for customers.”

Read the full AmerCareRoyal digital report here