Break down the business value of Binary Defense services into dollars and cents

Binary Defense Named a Leader by Forrester in The Forrester Wave™: Managed Detection and Response, Q1 2021

David Kennedy

David Kennedy

Dave Kennedy is a founder and the Chief Technology Officer at Binary Defense and founder and principal security consultant of TrustedSec. Prior to Binary Defense and TrustedSec, Dave was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 20,000 employees.
Share on facebook
Share on twitter
Share on linkedin

I’m really proud of our team! Binary Defense has been named a “Leader” in the Forrester Wave™ Managed Detection & Response, Q1 2021 Evaluation.

Forrester is one of the most respected analyst firms because they truly provide unbiased reviews of emerging technology and services.  The report evaluates the 15 most significant managed detection and response (MDR) vendors on 19 criteria, grouped into three categories: Current Offering, Strategy, and Market Presence.

To be included in the report as one of the 15 most significant MDR vendors is an honor in itself—to be ranked a “Leader” is even more outstanding! The report stated, “the vendor combines strong practitioner leadership, exceptional cybersecurity research, and a strong consulting sister company to bring a comprehensive MDR service to market.”

Security and risk professionals should use this report to understand the value they can expect to see from an MDR provider. In addition to sharing how different MDR vendors rank, the report also gives insights into specific criteria that may impact a customer’s purchasing decision.

The report stated, “Security buyers looking for a rapidly growing MDR focused provider with a clear emphasis on security research and threat detection should evaluate Binary Defense.” The report continued with stating that “Collaboration and partnership stand out as key elements behind its service delivery to ensure that security practitioners have what they need to detect, investigate, and response to security incidents.”

Our mission is still relevant today

Not only am I proud of our ranking in this prestigious analyst evaluation of MDR vendors, but I’m thrilled with what Forrester analysts and our customers had to say about our service. We started Binary Defense seven years ago because there was a gap in the market for high-touch SOC services. The big MSPs sent copy-and-paste alarms, regularly missed threats and you could never speak to a real person.

We hired top security talent and built our own 24/7 Security Operations Center so that we could provide our clients with security expertise and exceptional customer service. Our goal is to have every customer interaction held to a higher standard. 

In the report, client references noted our strengths as “rapid detection of innovative threat actor techniques and the skills of service delivery personnel when assisting clients.” We believe this validates that we were spot-on when we created our mission statement to make the world a safer place back in 2013, and that our mission is still relevant today.

In the cybersecurity industry, timing and innovation are everything. You need to be faster than your adversaries. You need to outsmart them by being proactive at figuring out who their targets are and how they plan to penetrate a network. As the industry evolves, we innovate to deliver leading edge cybersecurity services. We received the highest scores possible in the Product Vision, Vision and Milestones, MITRE ATT&CK framework mapping and use, Threat Intelligence and Threat Hunting criteria. The report stated, “Binary Defense’s emphasis on cybersecurity research leads to sophisticated threat hunting capabilities.”

Faster detection and response are critical when you are considering MDR vendors, because every second counts when you are faced with a targeted attack.  The longer a threat actor has access to your network, the more damage they can cause. Our threat intelligence and threat hunting expertise significantly increases the speed at which we can detect, send an alert, and provide context so that clients can quickly react—or even better, be proactive at blocking threats. 

Thinking like an attacker

The report stated, “While most MDR vendors think like defenders, Binary Defense differentiates by starting with the attackers’ perspective as the foundation for its MDR offering.”

The goal of Binary Defense is to help our clients detect attacks as early as possible through all stages of an attack and to stop them before they can cause damage. In order to defend against attackers, you have to think like an attacker. That’s why my team and I have spent so many years working as white hat hackers, or on military counterintelligence teams, and why we’re confident that Threat Hunting Services is where the industry is moving. In fact, we think it is one of the most important investments an organization can make to proactively protect their organization against sophisticated and targeted attacks.

Threat Hunting Services are for organizations that have a mature security program and help you look beyond your current security limitations to find unknown threats and prevent attackers from evading your existing security defenses. Proactive threat hunting is different than simply responding to alarms—it improves your existing detection and response operations by identifying events that are not raising alarms and uncovers advanced threats that traditional security monitoring tools and processes can’t detect.

Behavior-based detections

Many MDR vendors tout their AI and machine learning capabilities as the end-all, be-all for threat detection and response. AI and machine learning are great tools for automating repetitive tasks, searching for common threats, and cutting back on alert fatigue. However, AI and machine learning will never replace the skillset or capabilities of a highly-trained security experts that specialize in research, threat hunting, malware engineering, and the behavior of cybercriminals. Our technology and our people are what make us stand out from other MDR vendors. 

Our MDR has behavior-based technology and uses multiple sources to correlate indicators of compromise and attack while our Security Operations Task Force analysts skillfully search for uncommon activity and malicious behavior to find threats that wouldn’t otherwise be detected. We lead the industry in uncovering the latest and most advanced threats from sophisticated hackers, nation-state attacks, and organized crime. Just as attackers can exploit flaws in legitimate software to cause harm, defenders can also reverse-engineer malware to discover its vulnerabilities and then exploit those to defeat the malware. In 2020, our threat researchers spent six months blocking our clients from Emotet malware that we reverse engineered. We secretly shared our findings with other defenders and intelligence agencies around the globe to protect organizations from this prolific and highly successful malware.

Proactively anticipating threats

Cybersecurity is like a game of chess—you need to plan you next move 3-4 steps ahead of time.  Beth Harmon, the chess prodigy from the Netflix series The Queen’s Gambit, was always thinking a few steps ahead of her opponents. At Binary Defense, we’re always a few steps ahead of hackers—and other MDR vendors—with regard to the advanced level of our threat detection capabilities and for the depth and variety of TTPs that we defend against.

We received this highest score possible in the MITRE ATT&CK framework mapping and use criteria. We believe this is just another example of how we deliver the context our clients need to respond to threats. Our MDR software, alarms and tickets are aligned with the MITRE ATT&CK framework to simplify communication and improve the speed and accuracy for responding to threats. Badges and reference links in our MDR command center give our SOC analysts and clients a better understanding and greater visibility into behavior happening in their environments to speed up the investigation of specific alarms and tickets.

A unique benefit to our clients is that our MDR software is constantly updated with new detections based on intel from our globally-deployed threat intelligence technology and research collected from the Binary Defense Counterintelligence (CI) team. Our CI team monitors the Dark Web and criminal forums to identify new threats, anticipate attacks and learn the latest hacker techniques. Our MDR software evolves just as quickly as the threat landscape, so that we can outpace threat actors and their tradecraft.

I’d like to thank the entire Binary Defense team for helping us earn this prestigious recognition, and equally important, I want to thank our clients for their continued faith in our ability to protect their organizations from threats.

For anyone reading this who is in need of a top-notch cybersecurity team to defend them from cyberattacks, check out our Buyer’s Guide for an overview of our services.

To learn more about how Forrester independently ranks MDR vendors, you can register to download the report.

Thank you and be safe!

More Articles