Responder for Microsoft Defender XDR

24x7 Managed Threat Detection and Complete Response for Microsoft Defender XDR.

Maximize the Value From Your Microsoft XDR Investments


Let Kroll handle the threats and operationalize your Microsoft Security investments. Kroll Responder Managed XDR for Microsoft provides complete 24x7 threat coverage across devices, identities, apps, email, data and cloud workloads.

By correlating telemetry across the Microsoft Defender suite and layering our custom threat detection rules, hunting and forensic-led incident response expertise, our experts can quickly identify and piece together each step of an attack to enable a more comprehensive response and protect all systems affected.

Whether your team is on the clock or not, we’re working in the background. We handle thousands of cyber incidents per year, and we bring that frontline expertise to accelerate your journey towards security maturity.

Fill out the form to speak with one of our experts and get a customized demo today.

Benefits

Detect Threats Earlier Across Identity, Email, Endpoint and Software-as-a-service (SaaS) Without Traditional Security Information and Event Management (SIEM) Costs

By correlating telemetry across the Microsoft Defender suite and layering 350+ custom Kroll detections on top of Microsoft Defender’s out-of-the-box (OOTB) detections, our analysts can quickly identify and piece together each step of an attack to enable a more comprehensive response and protect all systems affected.

Automated Response Across Defender Products With Real Kroll Digital Forensics and Incident Response (DFIR) Experts at No Extra Cost

Our “Complete Response” methodology combines integrated, automated response actions across your Defender stack with seasoned DFIR investigators, who use Microsoft and proprietary Kroll forensic tools to conduct further root-cause analysis and hunt for additional indicators of compromise.

Integrate the Right Microsoft Data Sources and Licenses as Needed

Our scalable and flexible ingestion architecture enables us to integrate directly into your existing Microsoft technology stack, or we can deploy the necessary data connectors to get the required detection coverage quickly.

$1 Million Incident Protection Warranty

We’re so confident in our ability to improve your security posture that we include a $1 million incident protection warranty at no extra cost if your service includes endpoint detection and response (EDR). This warranty covers the costs of a range of potential cyber incidents, including ransomware, business email compromise, compliance and regulatory failures, as well as business income loss.

 

"Kroll provides us with a critical second set of eyes. They ensure we’re taking the right steps to achieve improved security. Kroll’s threat hunters and experts give us invaluable insights by looking into the wider security landscape."

– Kerri Slaney, Cyber Security Change Lead, Southern Housing


What’s Included

  • 24x7 Monitoring and Analysis
    Our integration with the Microsoft Defender suite enables our analysts to correlate telemetry across devices, identities, apps, email, data and cloud workloads; triage alerts; and carry out immediate investigation.
  • High-fidelity Threat Detection With More Than 430 Detection Use Cases
    Reduce false positives with custom detection use cases from Kroll threat intelligence, incident response (IR) cases and OOTB use cases.
  • Automated Response and Remediation Guidance
    Stop advanced cyberattacks, such as data exfiltration and business email compromise, with automated blocking of malicious files on endpoints, deleting mailbox rules and revoking sessions.
  • Platform Management
    We provide platform configuration, administration, rules management and 24x7 health and availability monitoring.
  • Unified Threat Management Platform
    To ensure visibility of our detections and responses, we provide a single user interface via our threat management platform, which also enables you to interact with our experts, view reports or request specific support.
  • Threat Intelligence Reporting
    Out-of-band and weekly threat intelligence reports help you stay on top of the changing threat landscape.
  • Technical Account Management
    Access to Technical Account Management support is available when you need it, supplemented by quarterly service reviews.

How It Works

Responder for Microsoft Defender XDR

Why Choose Kroll as Your Microsoft MXDR Partner?

  • Advanced Specialization in Microsoft Threat Protection and Cloud Security
    Microsoft’s validation acknowledges our deep knowledge, extensive experience and proven success at delivering tailored threat detection and response services.
  • Microsoft Cloud Solution Provider (CSP)
    As a Microsoft CSP partner, we can deploy, set up and configure your Microsoft Security Stack and quickly deploy log sources and rules directly into your workspace while proactively carrying out deeper investigation on your tenant.
  • Adversary-driven Threat Detection
    You’ll benefit from Kroll’s unique exposure to thousands of IR investigations a year and shared intelligence across Kroll’s managed detection and response (MDR), IR, threat intelligence and offensive security research.
  • Complete Response Methodology
    Kroll Responder comes with unlimited remote DFIR on any high-priority incident at no extra charge.
  • Industry Recognition and High-touch Engagement
    Kroll has been recognized as an Overall Leader in KuppingerCole’s MDR Leadership Compass and ranked No. 7 in MSSP Alert’s Top 250 MSSPs for 2024.

“The human factor is something I’m always looking for. This personal approach is something I noticed from my first engagement with Kroll, and it is still true today.”

– Head of IT, Bernhard Schulte Shipmanagement


Frequently Asked Questions

Microsoft XDR, or Microsoft Defender XDR, is an extended detection and response (XDR) solution that automatically collects, correlates and analyzes signal, threat and alert telemetry from across your Microsoft 365 environment, including endpoints, identities, email, collaboration tools, SaaS applications, cloud workloads and data.

Our Technology Partners

AT&T Cybersecurity
Carbon Black
CrowdStrike
Darktrace
LogRhythm
Microsoft
Palo Alto
Qualys
SentinelOne
Splunk

Kroll Responder MDR

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

Kroll Responder MDR for Microsoft Security

Kroll Responder managed detection and response for Microsoft delivers enriched telemetry, frontline threat intelligence and Complete Response capabilities to maximize the value of your native endpoint and cloud technology.

MDR for Microsoft 365

Immediately elevate your Office 365 security with 24x7 monitoring, analysis and automated response using Kroll Responder for Office 365. Detect and respond to threats targeting email, SharePoint and third-party plugins, leveraging frontline threat intelligence.