ActiveEye Managed Detection and Response Technical Overview

This white paper provides a technical overview of ActiveEye Managed Detection and Response (MDR), detailing its capabilities and components. ActiveEye is a Security Orchestration, Automation and Response (SOAR) platform designed to enhance cybersecurity by detecting and responding to threats in IT environments, including CAD and 9-1-1 systems. The document outlines the functionalities of the ActiveEye platform, which includes modules for log analytics, network detection, endpoint detection and response, DNS detection, and vulnerability detection. It explains how the platform collects and analyzes security data, prioritizing alerts for quick responses. The paper also describes the role of the Security Operations Center (SOC), which monitors threats 24/7 and collaborates with organizations to manage responses. Additionally, it details the automation features of ActiveEye, which streamline investigation and response tasks, and emphasizes the importance of threat intelligence in enhancing detection capabilities. Overall, the document serves as a comprehensive guide to understanding the ActiveEye MDR service and its operational framework.