Open Systems launched Ontinue
February 2023 by Marc Jacob
Open Systems has launched Ontinue, its new MDR division. Ontinue is the only managed extended detection and response (MXDR) provider that leverages AI-driven automation, human expertise and the Microsoft security platform to continuously assess and protect an organisation’s environment and advance its security posture for digital transformation. Unlike other MDR services available today, Ontinue’s newly launched MXDR service, Ontinue ION, delivers Nonstop SecOps with 24/7, always-on protection. The Ontinue ION service has advanced capabilities baked into its platform that enable faster detection and response, a deeper understanding of a customer’s environment for more proactive threat protection and the ability to maximise current Microsoft security investments for greater efficiency.
Despite existing MSSP and MDR solutions, organisations still struggle with three key challenges. The first is that they are slow to detect and respond to threats. The second is that they are reactive. Security teams spend most of their time firefighting, which keeps them from implementing stronger proactive measures that prevent many threats so there are fewer requiring detection and response. The third challenge is that they are inefficient. Security teams have myriad products that produce too many alerts, and they have too few people to handle those alerts – they need to do more with less.
These three challenges reflect the core challenge in security, which is that operationalising security day in and day out is hard.
Delivering Nonstop SecOps requires a new operational model that redefines MDR to accelerate detection and response, improve proactive prevention and overall posture strength – and do all of this while maximising efficiency and enabling teams to do more with less. This new operational model hinges on five key capabilities:
• Collaboration: Security is a team sport that requires Security, IT and even end users to be on the same page at all times. The Ontinue ION platform introduces a fundamentally different approach to the traditional customer interaction model. Instead of yet another ticketing system or portal, Ontinue ION embeds into Microsoft Teams to deliver critical dashboards to key stakeholders and enable real-time collaboration and access to information on any device at any time.
• Automation: Automation is the key to speed, accuracy and consistency. Ontinue leverages data science and AI to model expert cyber defender behaviour and find opportunities for process optimisation and automation. The result is fully automated threat detection, investigation and response for 70% of high severity incidents, and semi-automated workflows to help Tier 2 and Tier 3 defenders resolve more complex threats faster.
• Localisation: One size does not fit all in security. Ontinue ION builds a model of each customer’s environment and operations in order to localise or “tailor” the service to their unique environment. Armed with this unique “structural context,” Ontinue ION is better able to prioritise efforts based on risk, reduce burden on their teams and respond to threats faster without causing collateral damage.
• Specialisation: No one knows the Microsoft multi-cloud, multi-device control plane better than Ontinue. Rather than forcing customers to send their data to a secondary SIEM, Ontinue ION uses a customer’s own Microsoft Sentinel as the source of truth, allowing Security teams to maintain possession of their data. Ontinue’s hyper-focus on Microsoft empowers customers with capabilities to optimise Sentinel cost and maximise the value from their Microsoft Defender suite.
• Prevention: Every security team wants to be more proactive. Ontinue ION integrates continuous assessment and prevention activities into a virtuous lifecycle with reactive detection and response activities. Designated Cyber Advisors leverage insights from resolved incidents and threat hunts to prioritise prevention efforts that improve a customer’s security score, while Cyber Defenders prioritise incidents and responses based on information gathered during assessment activities.
A fully secure environment is a more innovative one. Ontinue ION sets the new standard for MXDR services and is built to increase overall security program maturity, efficacy and scalability. The ION service brings together the cloud-native ION platform and the ION Cyber Defense Center, a 24/7 globally distributed security operation staffed by experts including the company’s teams of Cyber Advisors and Cyber Defenders. The ION platform integrates advanced automation and real-time collaboration capabilities from the recent acquisition of Tiberium, a highly automated managed security services provider based on Microsoft security solutions. These capabilities power several innovations that elevate ION over other MXDR services and make it the MXDR service of choice for Microsoft security customers.
Customers can realise the following benefits from the Ontinue ION platform:
• Accelerated security program maturity: the efficacy and scalability of customers’ security programs are improved by continually applying lessons learned to adapt and change for the future.
• Detect and respond fast—really fast: AI-driven automation and real-time collaboration eliminate noise, focus efforts and help respond to threats without negatively impacting business operations.
• Operationalising Microsoft investments: ION is purpose-built to fully leverage every component of the Microsoft security and collaboration ecosystem, unlike other MXDR services.
• Applying a SecOps force multiplier: The ION Cyber Defense Center brings together security experts, PhD data scientists and software developers to execute, measure and optimise security operations.
New Risk-based Mitigation Efforts with Managed Vulnerability Mitigation
Ontinue has also added a new add-on service called Managed Vulnerability Mitigation (MVM) to its MXDR service. MVM enables customers to effectively reduce risk by surfacing the small percentage of IT vulnerabilities that pose the greatest risk. Using the continuous vulnerability assessment capability of Microsoft Defender for Endpoint (MDE), the MVM service augments MDE data with the latest threat intelligence and a deep understanding of each customer’s environment to deliver a prioritised, actionable subset of vulnerabilities to focus on.
The combination of MVM and the Ontinue ION MXDR service provides customers with a robust set of prevention practices that reduces business risk by continuously strengthening their security posture. With no additional license or deployment requirements, customers can maximise the ROI of their Microsoft security investments.
Reimagine the Meaning of Nonstop SecOps
Ontinue is about nonstop support for customers. The company is focused on continuously strengthening customers’ security postures by providing them stability and predictability. The ION platform drives innovation that sits at the intersection of human expertise and advanced data to offer tailored, around-the-clock protection that keeps going and learning and improving.