Ontinue driving the next evolution of MDR with AI
Ontinue Chief Product Officer Tom Corn discusses how the company leverages AI in managed detection and response to deliver a distinctive solution
Driven to define the next evolution of Managed Detection and Response ( MDR ) for its partners all around the world , Ontinue ION AI-Powered MXDR expertly blends the best of managed extended detection and response — as well as assessment and prevention — into a service specifically designed for Microsoft security customers .
“ We specialise in customers who are leveraging a lot of Microsoft security technology ,” comments Tom Corn , Ontinue ’ s Chief Product Officer . “ We have a unique process that isn ’ t just about reactive detection and response , but about constantly improving companies ’ security posture , in what we call a proactive reactive service .”
When outsourcing security to MDR players , understanding the client ’ s control stack poses challenges . While MDR providers may offer expert security support around the clock , the crucial factor is their comprehension of the client ’ s unique environment . To go beyond basic alerts , effective investigation and response necessitate a deep understanding of the company ’ s assets , architecture , and operational constraints .
As Corn explains , Ontinue was started by a group of data scientists with the idea of applying AI to MDR in a unique way . “ We are doing something quite different here , where we ’ re applying AI to understanding the customer and the environment we ’ re defending , their operational constraints , and how the defenders have to work in their environment . This allows us to solve that problem of how to understand the environment quickly , deeply , and then localise the solution for a customer .”
Ontinue has also innovated with its interaction model . “ We started with the premise that the world doesn ’ t need another management console ,” say Corn . “ Instead , Ontinue built its interface into Microsoft Teams , so customers and Ontinue defenders collaborate in a shared channel , taking advantage of Teams capabilities they ’ re already using during the workday . By doing this , we look , feel and act like a true extension of our customers ’ teams .
“ We ’ ve specialised more deeply in customers who are using the Microsoft security stack . This has allowed us to do very deep things that you just don ’ t see from other places because we ’ ve really specialised .”