MDR Intelligence Hub

Resources on Managed Detection & Response — what effective MDR looks like, how providers differ, and what the detection layer needs to cover to be effective against modern attack techniques.

What This Hub Covers

MDR (Managed Detection & Response) is one of the fastest-growing security service categories — and one of the most inconsistently defined. Some providers call it MDR when they're really doing monitoring with email alerts. Others offer full threat hunting, forensics, and hands-on containment under the same label.

This hub is for security leaders, IT managers, and business owners trying to make sense of what MDR includes, what questions to ask providers, and how to evaluate whether detection coverage is keeping pace with attack techniques.

We also write here about the detection capabilities organizations commonly overlook — identity-based attacks, cloud workload threats, and post-exploitation techniques that bypass endpoint-only monitoring. Good MDR covers all of it.

Explore the articles below, or contact us to discuss what MDR looks like for your specific environment.

Latest MDR Articles

Critical LastPass Phishing Campaign Targets Master Passwords via Fake Support Threads

Attackers are using sophisticated fake LastPass support emails to steal master passwords. Learn how to detect and mitigate this threat.

Mar 5, 2026

APT28 Escalates Cyber Warfare: Inside the BadPaw and MeowMeow Malware Campaign

Russian APT28 strikes Ukrainian entities with novel BadPaw loader and MeowMeow backdoor via sophisticated phishing. Discover the TTPs and defense strategies.

Mar 5, 2026

Decoding PHALT#BLYX: How ClickFix Malware Targets the Hospitality Sector

A new PHALT#BLYX campaign is targeting the hospitality sector using ClickFix tactics and MSBuild abuse. Learn how to detect and stop this multi-stage malware.

Mar 5, 2026

New Malicious NuGet Packages Exfiltrate ASP.NET Identity Data and Create Persistent Backdoors

Security researchers have uncovered four malicious NuGet packages that steal ASP.NET data and create backdoors in applications.

Mar 5, 2026

SloppyLemming: Dissecting the Dual Malware Assault on South Asian Governments

New threat cluster SloppyLemming targets Pakistan and Bangladesh using BurrowShell and Rust-based payloads. Learn IOCs and defense.

Mar 4, 2026

Coruna iOS Exploit Kit Exposes 23 Vulnerabilities Targeting Millions of iPhones

Google's GTIG uncovers Coruna, a potent exploit kit using 23 exploits to compromise iPhones running iOS 13.0 through 17.2.1. Update immediately.

Mar 4, 2026

Broken Triage: 5 Ways It’s Increasing Your Business Risk Right Now

Broken alert triage drains budgets and blinds SOC teams to real threats. Discover the 5 hidden risks of inefficient security workflows.

Mar 4, 2026

Scattered LAPSUS$ Hunters Monetize Vishing: $1,000 Bounties for IT Help Desk Scams

Cybercrime group SLH is offering up to $1,000 per call to recruit women for IT help desk vishing. Learn how to detect and block these social engineering attacks.

Mar 4, 2026
