Resource Type: Video

Quick Start Risk Assessments

With Critical Start Quick Start Risk Assessments, you can quickly and easily see, measure, and discuss ongoing risk reduction initiatives across your entire team.

Feb 2024 MDR Video

Critical Start MDR: Welcome To Your New World

Premier Defense With Critical Start MDR

Video Transcript:

It’s time for a world where no security threat goes undetected. A world where all threats are responded to and mitigated quickly before an attacker can cause damage. 

A world where security leaders aren’t always wondering if their Endpoint Security and SIEM tools are providing full coverage, leaving them waiting to see where the next breach will pop up. Where threat actors don’t have the advantage of hunting, discovering, and exploiting MDR blind spots caused by security tooling coverage gaps.

With the expert analysts at Critical Start and the power of our Cyber Operations Risk & Response™ (CORR) platform, this world becomes a reality.

In this world, security leaders have increased confidence in their cyber defense, knowing that Critical Start verifies the SOC is receiving all the expected threat signals from across the IT estate to strengthen threat monitoring, speed response, and reduce risk exposure.

We help prioritize preventative measures to avoid successful attacks with additional capabilities to help leaders like you get a better understanding of your overall security risk exposure and give you actionable insights to fix what you prioritize.

It’s a place where you can reduce dwell time from anywhere, at any time, with our mobile app, where MITRE ATT&CK® Mitigations Recommendations are provided based on threats in your environment to stop repeated attack vectors, where responses are contractually obligated, with a 10-minute notification for Critical alerts and a 60-minute or less Median Time to Resolution (MTTR) for all alerts, regardless of priority.

Welcome to your new world.

Critical Start. Don’t Fear Risk. Manage It.

Jordan Mauriello: Building a Managed Service with Network Effect

Full video transcript:

So, the strategy behind the MDR offering is really about building something that is both effective and efficient, that allows you to deal with the core problems of providing managed services, and it has to scale from small business to large enterprise with the same capability. And so, when we built a model that was working off of network effect, that was applying ideas like Random Forest Classification Models to deal with all the false positives at scale, that was giving us network effect across huge datasets. We actually found that the larger the environment and the more customers had, the better we got at doing our actual MDR business. We monitored the network 24/7, we prevent breaches, we look at every single alert that happens and we resolve them on your behalf. If CRITICALSTART is monitoring your network, you can be guaranteed that we’re going to catch what attackers are trying to do.

Critical Start’s MOBILESOC® App

Video Transcript:

Security breaches happen at the worst time, and any delay in response increases your risk. 

Critical Start Managed Detection and Response services, or MDR, go beyond alert monitoring & escalation –  to deliver the quickest resolution possible. 

Our MobileSOC lets you triage and contain alerts in minutes to protect your most valuable asset, your data by enabling you to take immediate action using real-time information delivered by our platform and security experts. 

MobileSOC users see everything. 

From the same data that our analysts see to shrink dwell time and stop an attack in process before it becomes a breach, to the quick confinement of infected devices to keep your environment safe .

MobileSOC allows for direct communication in-app so you can address alerts with ease.  

MobileSOC uses risk and operational metrics to help you manage your security operations while on the go. 

Track team performance, optimize resources and processes, evaluate detection coverage mapped to the MITRE ATT&CK® Framework, quickly assess critical systems, make well-informed decisions, and confidently articulate the value of your MDR service by aligning business outcomes to security spend. 

With the Critical Start MobileSOC app, you can:  

  • Speed up the time it takes you to respond to threats 
  • Reduce risk exposure while on the move to limit attacker dwell time   
  • Optimize productivity 
  • Communicate and collaborate securely 
  • See everything for a quicker response and gain peace of mind knowing that you can protect your security environment regardless of your location or time of day. 

CISOs: Communicating Risk to Board Members

Cybersecurity doesn’t have to be a roadblock to effectiveness. CRITICALSTART’s SVP of Managed Security, Jordan Mauriello, and Michael Balboni, former advisor to Homeland Security share insights on empowering cyber networks by employing successful strategies.

Full Transcript:

JM: Hey guys, Jordan Mauriello with CRITICALSTART here, Senior Vice President of Managed Services. Today I have with me Michael Balboni, President of Redland Strategies, former Senator, Assemblyman, advisor to Homeland Security. Honored to have him here with us today. We’ve been doing some awesome discussions about things that we’re doing at CRITICALSTART and working with Redland Strategies.

JM: Today we wanted to take an opportunity just to talk to Michael about some general cybersecurity issues. He’s a major influencer in our community. I know many of you already know who he is and has had a major impact even on some of the legislature that we’ve seen around our industry too as well. We want to take the time to get some thoughts from him on some of the direction the industry’s going impact that some of the changes we see in cyber in general are having on national defense, the role of Senate and Congress, and where that’s going from a legislature perspective.

JM: We’re going to open up and have a nice, fun conversation here about some of these issues. Thank you so much for being with us, Michael.

MB: Thanks for having me Jordan, and thanks for your service to the country in the military.

JM: Thank you very much, sir. I appreciate your support.

JM: When you’re looking at a CISO and he’s attempting to communicate to the board about risk, what are some of the things that you would tell a CISO about how does the board look at cyber and risk for the business that can help them more effectively communicate the risk they might see?

MB: Obviously there is a wide variety of information, education experience as it relates to cyber issues and some board members who could be a Chief Information Security Officer on their own and they’re a huge asset to the board. That typically is not one of the criteria that boards use for attracting trustees or board of directors. That’s not one of the things I look for. It’s an added value, great but that’s not really part of the typical board of directors profile. Therefore you have people who sit there and say, “Okay, we have to do security. I look at security as one bucket.”

MB: Whether it’s the physical security of buildings, it’s physical security of the servers, it’s physical security of the data we have, and what they sometimes don’t focus on is that data is the new oil.

MB: We are a data-driven society.

JM: Absolutely.

MB: How we use data, how we protect data, how we explain data to the people that we serve or whether it’s our shareholders, our customers, the folks that we work for as a board of directors, it’s very difficult to articulate that many times. We need to have awareness and we need to let people know that cybersecurity doesn’t have to be a roadblock to effectiveness. It doesn’t have to be a drag on your business model. It doesn’t have to be something that’s just a cost driver. We can actually make the system such that we can empower the networks by doing the right, the smart, and the timely changes to the cyber network employing good strategies.

Cherwell Software Finds Extra Layer of Security with MOBILESOC, Complete Transparency

Cherwell Software needed help. The company’s previous MDR did nothing for them.

“Our previous Managed Detection and Response vendor didn’t do anything,” said Greg Biegan, Director of Security, Cherwell Software. “They didn’t notify us, and it was a big gap.”

CRITICALSTART is the complete opposite, delivering complete transparency, reports Biegan. “I see stuff going in, and I see it coming out, and I see it in a beautiful format.”

Cherwell has also taken advantage of CRITICALSTART‘s MOBILESOC capabilities. “It has been worth its weight in gold. Since we are a global company, my team is getting pinged at all hours of the night. And it’s nice; those that are on-call can actually have their phone. They don’t have to be tied to their computer. They can communicate with the consultant that’s there, they can look at what’s going on, they can determine the action, and it’s just like texting. And once it’s done, it’s done.”

Biegan says the best part is that we don’t get pinged a lot. “It’s nice to know that you have that extra safeguard, that extra layer of security with that MOBILESOC.”

Full Video Transcripts:

My name is Greg Biegan. I’m Director of Security for Cherwell Software. Our previous Managed Detection and Response vendor didn’t do anything. They didn’t notify us and it was a big gap. CRITICALSTART, a complete opposite. What I see, I see stuff going in, and I see it coming out, and I see it in a beautiful format.

We have taken advantage of CRITICALSTART‘s MOBILESOC capabilities. It has been worth its weight in gold. Since we are a global company, my team is getting pinged at all hours of the night. And it’s nice, those that are on-call can actually have their phone. They don’t have to be tied to their computer. They can communicate with the consultant that’s there, they can look at what’s going on, they can determine the action, and it’s just like texting. And once it’s done, it’s done.

The best part is, is that we don’t get pinged a lot. And so it’s nice to know that you have that extra safeguard, that extra layer of security with that MOBILESOC.

No More Alert Fatigue for MoneyGram, Thanks to Critical Start‘s MDR

Alert fatigue was an issue for MoneyGram’s SOC analysts, who were finding themselves dealing more with alerts, and less with the work they were hired to do.

“Prior to the relationship with Critical Start, my SOC analysts were experiencing what we all call alert fatigue,” said Scott Funk, head of security operations at MoneyGram International. “Critical Start has really been able to reduce those alerts. Our SOC Analysts are able to get through every alert they toss our way. I’ve been able to take our level three and level four analysts and put them back to work at what they were really hired to do.”

Funk says Critical Start gives them the attention they need, and find that their issues are resolved in a timely manner.

“Our confidence level since we started our MDR service with Critical Start has greatly increased. We are one of Critical Start‘s top companies for meantime to detect and meantime to respond, and we certainly have reduced the risk within MoneyGram, thanks to that partnership with Critical Start.”

Full Video Transcript:

My name is Scott Funk. I’m head of Security Operations and Data Governance at MoneyGram International. What really led us to our relationship with Critical Start was really the fact that we, as an organization, were going to get the attention we needed. Our issues were going to be addressed in a timely fashion.

Our confidence level since we started our MDR service with Critical Start has greatly increased. I would say that prior to the relationship with Critical Start, my SOC analysts were experiencing what we all call alert fatigue. Critical Start has really been able to reduce those alerts. Our SOC Analysts are able to get through every alert they toss our way. I’ve been able to take our level three and level four analysts and put them back to work at what they were really hired to do. We are one of Critical Start‘s top companies for meantime to detect and meantime to respond, and we certainly have reduced the risk within MoneyGram thanks to that partnership with Critical Start.

Randy Watkins: Mobile, Transparent, Adaptable

Full Video Transcript:

Security is really an art form, and it’s how do you deal with risk? Personal information can be stolen or worse. So, the customer has historically been bound to either email or their laptop looking at a web portal, we wanted to change that dynamic. So, we came out with the MOBILESOC and it allows the customer to do everything inside of their mobile device that they do on a laptop. And what that does is it unbinds them from that burden of constantly being tethered, and it actually allows them to respond faster and more consistently, which in turn lowers the dwell time that attackers have.

Now what’s unique about what CRITICALSTART does is it brings in 100% of security alerts, and using our Zero-Trust Analytics Platform, it looks at every one of those alerts to determine what is a known good versus what is unknown and needs to be resolved by our analysts. And this is all baked right into the platform.

Rob Davis: Resolve Every Alert. Stop Breaches.

Full Video Transcript:

Ultimately what you want to do is detect and stop breaches. You have to resolve every single alert. Nothing in the marketplace allowed us to do that, which is why we kind of created our own platform. We don’t want to ignore security events, and a lot of the lower-level security events, that’s actually where you can detect a lot of breaches and attacks.

Transparency is very important to CRITICALSTART and what we tried to do is be able to provide that same transparency you get with an in house SOC, but that we can provide as a service. So you kind of get the best of both worlds.

What we want to do is provide cybersecurity in a way that allows customers to move the speed of business. Our customers view us as the low-risk approach to providing managed detection response services. The whole goal is to stop an attacker before it becomes a breach.

Needle in a Haystack – Managed Detection & Response (MDR)

Are you suffering from alert overload? Security professionals everywhere spend countless hours sifting through alerts – basically, searching for a needle in a haystack – to identify potential threats. The volume is too overwhelming, leaving them vulnerable and at risk of attack. CRITICALSTART helps end alert overload once and for all. Find out how in this video.

Full video transcript:

Ever try finding a needle in a haystack? Security operation centers, or SOCs, deal with tens of thousands of alerts every day in an effort to safeguard their networks and those of their clients, but only around 0.01 percent of alerts represent any actual threat. That’s the needle. The rest is just noise. As more alerts pile in, a backlog forms, making it practically impossible to move forward without compromise. It’s called alert overload when SOCs have to alter operations and priorities to manage the overwhelming onslaught of alerts. They either have to constantly grow their armies to sift through ever-growing haystacks for the needles or, and this happens most often, they’ll ignore huge amounts of the haystack hoping there’s no needle in it.

SIMs and incident orchestration try to solve the problems of alert overload. They do make investigating each incident quicker by automating certain pieces of simple and repetitive investigation-related tasks, but they don’t decrease the number of alerts needing investigation significantly enough. In other words, the haystack is still there.

What’s needed is a way to go through alerts faster, remove the haystack altogether and ultimately apply a model of accepting no risk. If an alert is not defined as known good, then it gets triaged. Thankfully, there is CRITICALSTART’s Zero-Trust Analytics Platform, also known as ZTAP. CRITICALSTART uses broad, locally specified data processing techniques to automatically identify and remove benign or known good alerts and can reduce the number of alerts requiring investigation by 99.9 percent. Meaning, SOCs can deliver tighter security while also preserving their internal resources.

ZTAP’s Event Orchestration Platform also features a MOBILESOC app, enabling SOC professionals to investigate alerts whenever it is needed from anywhere. With fewer events to investigate manually, analysts can spend their time handling the alerts that are cause for concern.

Complete transparency, greater efficiency and tighter security at a price organizations can afford. That’s the CRITICALSTART difference.