WithSecure Countercept Managed Detection and Response
Managed Detection and Response (MDR) built by attackers for defenders.
WithSecure's Detection and Response Team (DRT) deals with cyber threats to your organization in minutes. WithSecure Countercept MDR acts as an extension of your cyber security team, sharing out threat hunting expertise, helping your team learn and grow, and continuously improving your security.
Our threat hunters spend up to 30% of their time proactively hunting for threats and evolving tools and techniques they use to detect them. The DRT investigates every alert or combination of alerts that represent a significant detection.
Countercept MDR’s proprietary Endpoint Detection & Response (EDR) agent and log collectors, which feed data into our XDR detection platform, provide excellent visibility of user, endpoint, cloud and network activity.
Countercept MDR’s 24/7 First Response service contains and remediates cyber security incidents before they have a chance to impact the business. Our proven First Response methodology enables the <1% of incidents requiring specialist support to be smoothly escalated to our incident response team.
We deliver operational efficiency and resilience to clients that enables them to achieve their goals.
What can you achieve?
Effective Attack Detection & Response
Countercept is a threat-driven service designed to be effective in the 'gray area' where legitimate activity masks malicious intent. We react to detections in minutes - and execute containment actions within hours.
Peacetime Value
Countercept provides cyber security insights that support continuous security posture improvement. We help you improve your security posture and meet your compliance obligations.
True Partnership
We act as an extension of your cyber security team, giving you unmetered access to our experts, sharing our cyber threat hunting expertise, addressing queries and helping your team develop.
Take a short assessment and get a tailored report about your risk levels.
If you are interested in finding out the risk level of your threat detection and incident response capabilities as an organization take our free risk assessment.
Countercept MDR architecture
Countercept D&R team
WithSecure™ threat hunters spend up to 30% of their time proactively hunting for threats and evolving tools and techniques they use to detect them.
Effective incident response
Our DRT and Incident Response teams use the same technology platform and work closely together – meaning handoffs are seamless and well-practised
Peacetime Value
Dedicated security engineers provide cyber security insights that help you deter and resist attacks
Countercept MDR advantages
Proprietary XDR platform
In-house expertise and in-house development of systems, from Detection all the way through to Incident Response.
Consistently effective in MITRE evaluations
Across all three evaluations WithSecure™ consistently identifies threats and has demonstrated its effective response in the face of potential cyber attacks and data breaches.
Europe-only Countercept MDR option
Delivered wholly within Europe and eliminating data access to anyone outside.
NPS growth of 124% since launch
Incidents demand preparation, prompt action and clear communication. Our customers affirm that we do this.
Consistently outstanding service
Net Promoter Score (NPS): 51
Customer Effort Score (CES): 89%
Customer satisfaction (CSAT): 4.6/5–4.7/5
30 years of true partnership
Working to solve technology problems since 1988. Countercept MDR has been delivering its threat hunting services since 2016.
WithSecure Countercept and common D&R solutions compared
| Feature | Common D&R solutions | WithSecure™ Countercept |
|---|---|---|
| Time to value | Months | Days |
| Logs consumed per month | Billions | Millions |
| Alerts per month | 100,000s | 1,000s of relevant alerts |
| Alerts investigated by expert | 0-10% | 100% |
| Investigation time | <1 minute | As long as necessary |
| Solution efficacy (% of actions that produce a desired result) | <50% | >95% |
| Responder profile | Analyst | Threat hunter |
Take a deep dive into WithSecure™ Countercept MDR
Unleashing the Power of Shimcache with Chainsaw
WithSecure™ Incident Response team has released a new subcommand for the Chainsaw forensic tool named “analyse”. This new subcommand incorporates three innovative and novel techniques to aid the analysis and timestamp enrichment of Shimcache entries.
Read moreCat-Scale Linux Incident Response Collection
On 30 September 2019, Joani Green and John Rogers gave a talk titled "Performing Linux Investigations at Scale" at the SANS DFIR Summit in Prague.
Read moreGarbageMan – Dumpster-diving the .NET heap
GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
Read moreDetectree: Detection Visualisation for Blue Teams
Detectree is a tool for visualising cyber security events and their relationships.
Read more
Customer references
WithSecure™ received a rating
of 5 stars from the reviewer
Gartner Peer Insights: Excellent Service And Experience
April 9th, 2021
"Excellent service on both technical and commercial sides. Extremely responsive to feedback. All technical challenges have been met. Feels like a great partnership in the cyber security world."
CTO, Healthcare industry
WithSecure™ received a rating
of 5 stars from the reviewer
Gartner peer insights: A Case For Human Over AI Provided Security Services
April 8th, 2021
"I have a very close and interactive relationship which helps ensure that coverage, investigations and future roadmap developments are kept current and secured. The insights provided and their willingness to engage to help better analyse the data has proved exceptionally helpful to understanding our risks and remediations."
Network Security Manager, Services industry
WithSecure™ received a rating
of 5 stars from the reviewer
Gartner peer insights: A Partnership Which Extends Our Own Security Team
May 5th, 2021
"Impressed by the quality and level of knowledge within the WithSecure as well as the collaboration with our internal team."
Security and Risk Management, Communications industry
- Gartner Peer Insights, April 9th, 2021
- Gartner Peer Insights, April 8th 2021
- Gartner Peer Insights, May 5th 2021
The GARTNER PEER INSIGHTS Logo is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.
Related content
Frost Radar™: Global Managed Detection and Response Market, 2022
A continuing shortage of cyber security professionals means organizations will become increasingly reliant on managed services (MDR) for efficient security management.Read the report by @Frost & Sullivan
Read moreThe value of impediments; How to be more trouble than you’re worth
Effective deterrents prevent unwanted activity by threatening negative consequences; the threat of being caught, arrested, and sentenced is generally the best deterrence against crime. Unfortunately, effective deterrents do not exist in the world of cyber security.
Read moreMonthly Threat Highlights Report
Insights from the cyber threat landscape - courtesy of WithSecure™ Countercept's own Threat Intelligence team.
Read moreThe growing professionalization of cyber crime and what you can do
It started with selling hacking tools – and now it’s about selling access and so much more. Cyber criminals have changed their tactics once again – and it’s giving more scale to compromises, initial access and attacks. Find out what your organization is up against, what you need to do to protect it and what one education business did to survive and thrive.
Read more- Slide 2
- Slide 1
Talk to one of our experts.
Discover true partnership and real peace of mind. Complete the form, and we'll be in touch as soon as possible.
Our accreditations and certificates
