Deepwatch Advances SecOps Platform to Detect and Contain Identity Threats

  • Introduces Managed Extended Detection and Response (MXDR) for Rapid Containment of Identity Compromise
  • Extends MXDR for Endpoint Capabilities to Support Microsoft Windows Defender
  • Latest Platform Release Delivers Unified Interface Enhancements for Greater Visibility and Easier Measurement of Service Value and Outcomes

TAMPA, Fla. – February 7, 2023 Deepwatch, the leader in advanced managed detection and response (MDR) security, today announced new service offerings and advances to the Deepwatch SecOps Platform to speed the detection and containment of threats across the enterprise.

The launch of Deepwatch MXDR for Identity provides extended detection and response to evolving identity-based threats; Deepwatch MXDR for Endpoint now supports Microsoft Windows Defender which enables automated, response capabilities on Windows endpoints; and Deepwatch SecOps Platform user interface enhancements provide customers with greater visibility into their security operations program efficacy – ranging from practitioner dashboards to self-service, board-level metrics, and reporting.

Organizations’ reliance on identity solutions to enable collaboration, remote work, and access to internal systems and sensitive data has increased threat actors’ ability to compromise identities. According to Gartner, “Conventional identity and access management and security preventive controls are insufficient to protect identity systems from attack. Modern identity threats can subvert traditional identity and access management (IAM) preventive controls, such as multi-factor authentication (MFA). This makes identity threat detection and response a top cybersecurity priority.” (1) 

Deepwatch provides comprehensive detection and automated response to cyber threats coupled with tailored security recommendations from dedicated experts. The Deepwatch SecOps Platform delivers protection 24/7/365 which mitigates risk and measurably improves security posture. Centered on advanced threat analytics, dynamic content libraries, and integrations with leading security tools, Deepwatch’s managed detection and response services (MDR, MXDR, and others) provide customers with an “always on” modern SOC that continuously evolves to combat the dynamic threat landscape. Details on new offerings and enhancements announced today include:

Deepwatch MXDR for Identity: Extends the native security capabilities of industry-leading identity tools by monitoring and correlating detections across the attack surface – beyond what identity tools alone can detect. Deepwatch delivers contextualized alerts on compromised identities and rapidly executes critical response actions such as isolating, reducing privileged access, or enforcing step-up authorization against a session to contain the threat. Response actions can be configured based on customer-specific risk tolerance. The solution integrates with Okta, Ping Identity, and Azure AD.

Deepwatch MXDR for Endpoint now supports Microsoft Windows Defender: Deepwatch’s automated response capabilities for threat containment on endpoints now support Microsoft Windows Defender in addition to Crowdstrike, and SentinelOne. Deepwatch customers are rapidly adopting endpoint response capabilities with a keen focus on mitigating ransomware attacks.

Unified Interface for the Deepwatch SecOps Platform: New enhancements to the Deepwatch customer interface deliver an advanced level of visibility and transparency to managed security operations. The interface includes an always-on personalized SOC dashboard and MITRE ATT&CK coverage that correlates to a customer’s threat matrix powered by Deepwatch’s patented Maturity Model. Users can view their content inventory, security recommendations, and recommended steps to improve security posture. Self-service, board-ready metrics and reporting include environment coverage, threat actor attribution, security investment, and overall ROI giving security leaders the ability to report on the business without waiting days or weeks for reports.

“Deepwatch provides security teams the expertise, flexibility, user experience, and support to rapidly accelerate their extended detection and response strategies to defend against threats targeting enterprises,” said Wesley Mullins, CTO at Deepwatch. “With the addition of Deepwatch MXDR for Identity, we can do more than shut down the endpoint or make a firewall rule on the fly. We can respond to a threat at every level across the customer’s attack surface whether its network, cloud, or identity.”

Available today, Deepwatch MXDR for Identity and Endpoint services complement the Deepwatch MDR service offerings as part of a complete threat lifecycle defense.

About Deepwatch
Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud security platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. The world’s leading companies, from the Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. Visit to learn more.

# # #

(1) Gartner, Enhance Your Cyberattack Preparedness With Identity Threat Detection and Response, Henrique Teixeira, Peter Firstbrook, Ant Allan, Rebecca Archambault, 20 October 2022

[email protected]

Subscribe to the Deepwatch Insights Blog