Blogs

Human-Guided Machine Learning: A Different Approach to Alert Fatigue
Chris Carlson explains why the Critical Start MDR platform favors determinism over autonomy at a time when cybersecurity vendors are rushing to bolt generative AI into every product layer.
In a recent interview with ISMG at Black Hat 2025, Carlson, Chief Product Officer at Critical Start, described how the company is tackling alert fatigue, reducing false positives, and supporting SOC analysts without handing over critical decisions to AI.

If "R" Stands for Response, Then Show Me the Response
That’s the argument Randy Watkins, CTO of Critical Start, made during a recent interview with Dark Reading at the Black Hat USA 2025 News Desk. In his view, the "R" in MDR is where everything falls apart.
"Response is a fairly ambiguous term. We see response meaning everything from actual containment of threats to escalation of alerts in different scenarios. They're both warranted, but what we really want to do is better set expectations of what customers are going to get."

Drowning in Alerts: How to Cut the Noise and Focus on Real Threats
92 percent of organizations say they’re overwhelmed by an endless sea of alerts.
It’s not just annoying. It’s dangerous.
In a recent Dark Reading webinar hosted by contributing editor Terry Sweeney and featuring Critical Start Field CISO Tim Bandos, security leaders got a behind-the-scenes look at how top teams fight back against alert fatigue and focus on what matters most: stopping real threats.

How Leading SOCs Maximize Microsoft Security Without Drowning in Alerts
Microsoft Defender and Sentinel give security teams powerful tools to detect threats across endpoints, identity, email, and cloud. But many teams are still overwhelmed by alert volume, struggling to turn that visibility into decisive action.
So, what separates high-performing SOCs from the rest?

Ransomware in 2025: The Real Risk, the Gaps That Persist, and What Actually Works
Ransomware attacks aren’t slowing down. They’re getting smarter, faster, and more expensive.

Ransomware in Gaming: How Casinos Can Defend Against Modern Cyber Threats
Hackers aren't gambling. They know exactly where to hit. And for gaming companies, the stakes couldn't be higher.
Casinos and gaming operators are being targeted by ransomware groups that move fast, exploit blind spots, and disrupt operations that can’t afford a minute of downtime.

Bridging the Cybersecurity Skills Gap with Critical Start's MDR Expertise
During a recent webinar hosted by CyberEdge, Steven Rosenthal, Director of Product Management at Critical Start, shared actionable insights into how Managed Detection and Response (MDR) services can address increasing cyberattacks and resource constraints. Founded in 2012, Critical Start has become a pioneer in MDR services, monitoring over two million endpoints and delivering human-driven, comprehensive threat detection and response capabilities.

2024: The Cybersecurity Year in Review
A CISO’s Perspective on the Evolving Threat Landscape and Strategic Response

Modern MDR That Adapts to Your Needs: Tailored, Flexible Security for Today’s Threats
Every organization faces unique challenges in today’s dynamic threat landscape. Whether you’re managing compliance requirements, hybrid environments, or shifting risk profiles, one thing is certain: a one-size-fits-all approach to cybersecurity doesn’t work.
Legacy Managed Detection and Response (MDR) solutions often rely on rigid service models that can’t keep up with evolving threats or your organization’s needs. The result? Gaps in coverage, inefficiencies, and increased vulnerability to cyberattacks.

Achieving Cyber Resilience with Integrated Threat Exposure Management
Welcome to the third and final installment of our three-part series, "Driving Cyber Resilience with Human-Driven MDR: Insights from the 2024 Gartner Market Guide." In the first two parts of this series, we explored the critical role of human-driven Managed Detection and Response (MDR) in enhancing security operations and why remote containment and active response are non-negotiable in modern cybersecurity. Now, we turn our focus to the integration of threat exposure management within MDR services and how it serves as a key pillar in achieving cyber resilience.

Why Remote Containment and Active Response Are Non-Negotiables in MDR
You Don’t Have to Settle for MDR That Sucks

Choosing the Right MDR Solution: The Key to Peace of Mind and Operational Continuity
Imagine this: an attacker breaches your network, and while traditional defenses scramble to catch up, your organization suffers financial losses, operational disruptions, and reputational damage. This scenario isn’t just theoretical — it’s a reality for countless businesses navigating today’s complex threat landscape.