Intelligence that’s more than artificial.

MDR: Managed Detection and Response

Our Managed Detection and Response (MDR) service combines a dedicated team of engaged experts with next-generation technologies to provide real-time threat detection, investigation, and response. Advanced Analytics and Integrated Threat Intelligence accurately identify threats, and Security Analysts perform complete event investigations, freeing your IT resources from the burden of false positives.

Purpose-built for highly regulated networks, our MDR service is designed to facilitate rapid and accurate confirmation while ensuring only incidental access to confidential information. In the case of an actual incident, our team produces specific Incident Action Plans (IAPs) to stop threats, minimize damages, and reduce recovery time.

No network is 100% secure, and preventive security techniques, while essential, are no longer sufficient against the increasing sophistication and frequency of cyber-attacks. Our team extends your team and technologies, providing deep expertise aligned to your organization’s unique exposures.


Our team installs our information security hardware into your network without any interruption of network functionality.

Critical Insight is self-provisioning with scalable storage and bandwidth. Daily maintenance is automated, with updates to intrusion detection signatures and reputation lists. Our team works with you to configure the critical assets catalog, packet capture, rolling window maintenance, and differential packet capture retention periods for your most critical assets. All of these help ensure we detect any intrusions as soon as possible.


Our Critical Insight software monitors your network 24×7, searching for anomalies and suspicious activity.

Inside your network, the Critical Insight collector gathers and analyzes network activity and server logs, performing initial intrusion detection activities locally. The logs, initial security events, and net flow are then sent over an encrypted tunnel to our Security Operations Center, and advanced analytics are applied for robust detection and prioritization. Full network packet data is captured and retained on your premises for use if an investigation is required.


When a potential threat is identified, Critical Insight alerts our team of cybersecurity experts.

Potential incidents are elevated to our security analysts who determine the likelihood of the elevated alert being a security event.

Frequency analysis and other techniques help to eliminate false positives, which enables us to focus only on real threat incidents.


Our experts investigate the abnormality that Critical Insight identified.

Using the Critical Insight investigation framework, an analyst investigates the alert and other activities that surround the event time window.

If investigation suggests a compromise, the analyst will obtain a time-bounded packet capture from the full packet capture onsite at the collector and replay the event to provide 100% confirmation.


We initiate a response to the breach in the manner that best secures the network and ensures the failure of similar threats in the future.

Critical Insight Customer Care creates an Incident Action Plan (IAP) specific to your systems and response plan. The IAP includes corrective actions to mitigate the threat(s) as well as the compromised asset.

Critical Insight Customer Care integrates into your Incident Response Plan and initiates a call to discuss the event, providing all supporting data to address the threat(s) and contain the compromise.


When an event has been mitigated, we help minimize costs by quickly closing the incident and then continue to monitor ongoing risks.

Once the vulnerability that led to the event has been mitigated, the identified attacks have been repelled, and the compromised asset is restored to service, the Incident Action Plan is closed. Full documentation is maintained for your teams and for reporting. Assets that were previously compromised or under attack are specifically monitored to ensure that all compromise indicators have ceased.

Our algorithms process network event data to identify:

  • Statistical anomalies
  • Interaction with known malware distribution or criminal command and control sites
  • Signature-based events from the intrusion detection Critical Insight Collector
  • Correlation of multiple suspicious events
  • Significant periodicity in signals

Utilizing elastic scalability and advanced data indexing algorithms, we are limited only by the amount of data you can provide to us. We grow as large as we need to be, and we do not lose processing capabilities as we scale. Our learning approach allows Critical Insight to become continuously more powerful and faster as data is ingested and processed.

Our security experts investigate an incident to confirm it is a true threat. Once confirmed, the analyst prepares and communicates a customized Incident Action Plan (IAP) and interfaces with your staff in a pre-designed incident response process to quickly address the compromise. Incidents are addressed quickly so that actual damage and loss are averted or minimized. This process eliminates false positives to give you an actionable plan for a confirmed threat.

Availability of full packet capture at the collector allows our analysts to “replay” events under investigation for 100% incident confirmation and 0 false positives. Once an incident has been confirmed, we can go “back in time” and determine if any other compromises occurred prior. We can replay all that happened, often down to the mouse-click.

Our Critical Insight solution combines next-generation processing with expert human touch to deliver advanced threat detection that integrates cleanly into your existing strategy.

Critical Informatics has successfully completed a Type 1 SOC 2 examination, performed by an independent CPA firm. The examination report is available to current and future customers upon request. We are committed to performing ongoing Type 2 SOC 2 examinations in future years.
