Managed Detection and Response (MDR) is the outsourcing of your detection and response capability. Depending on the MDR solution provider, the capabilities may be closer to Endpoint Detection and Response (EDR) or to eXtended Detection and Response (XDR). Newer solutions, termed Advanced Managed Detection and Response, merge MDR with additional capabilities to provide advanced detection and response.
The exact features and functions of an MDR solution vary widely between vendors and MSSPs, because of the wide choice of technologies available within different products and solution providers.
MDR covers three important parts of the NIST CSF: 2. Protect; 3. Detect; and 4. Respond.
Managed detection and response (MDR) providers deliver 24/7 threat monitoring, detection and lightweight response services to customers leveraging a combination of technologies deployed at the host and network layers, advanced analytics, threat intelligence, and human expertise in incident investigation and response. MDR providers undertake incident validation, and can offer remote response services, such as threat containment, and support in bringing a customer’s environment back to some form of “known good.”
Gartner – Managed Detection and Response (MDR) Services Reviews 2021 | Gartner Peer Insights