This document has been superseded. For the latest version please click HERE.
Overview
Welcome to NTT Security Holdings (NTTSH) and the Managed Detection and Response (MDR) Service Powered by Samurai XDR.
We have made onboarding simple and shall support you through each phase.
MDR Security Operations Center (SOC)
The SOC provide guidance and expertise during onboarding and service delivery, however it is important to understand the role and responsibilities of you and our team.
The SOC will be your main contact during onboarding and will schedule introduction and orientation calls with you to ensure your journey to MDR is problem free. You as a Client will still need to perform your responsible actions outlined in the rest of this document and specifically for onboarding MDR telemetry sources, unless you have purchased enhanced onboarding consulting services.
After your orientation meeting, MDR Service delivery begins. The SOC will schedule and conduct regular threat review meetings as outlined within the MDR Service Description to ensure you derive maximum value from the service.
Suggested Resources
During onboarding you will likely need to call upon various teams within your organization, we understand you may not have all of the appropriate roles but suggest the following:
|
Role/Function |
Responsibility |
|
Chief Information Security Officer (CISO) |
Awareness of the service and how it functions to drive handling of security incidents reported |
|
Security Operations Engineer |
Management and administration of the Samurai XDR Application |
| System Administrator | Deployment of Collector(s) |
| Network Engineer | Configuration of supported integrations, configuration of access control rules as required by Collector and integration |
| Security Manager | Integration of Samurai MDR into your organization's security practice and operating processes |
| Project Manager | Initiating, planning, executing, controlling and closing work of your teams to achieve onboarding |
Onboarding Phases
The image and table below outline the main phases of onboarding including responsibilities, resources and deliverables.
| Phase | NTTSH responsibilities | Client responsibilities | NTTSH Resource/Deliverable |
| Activation |
|
|
|
|
Introduction Meeting (within 2 days Samurai XDR application activation) |
|||
|
|
|
|
| Setup |
|
|
|
|
MDR Service Delivery |
Orientation Meeting (within 14 days of introduction meeting) |
||
|
|
|
|
| Threat Review (Quarterly during MDR Service Delivery) |
|||
|
|
|
|
| Incident Response (IR) retainer (option) |
|||
|
|
|
|
Your Responsibilities
Below are your primary responsibilities during onboarding. Additional responsibilities may arise as needed to support aspects of the implementation that are unique to your specific environment(s):
- Create user accounts for additional users of the Samurai XDR application, maintain all user accounts, ensuring that contact information for each user is complete and accurate.
- Deploy the Samurai XDR Collector(s) and successfully configure required integrations.
- Configure and manage all resources required to support the deployment of Collector(s) - virtual / physical.
- Configure and maintain supported on-premises log sources and cloud integrations in line with Samurai XDR requirements.
- Ensure that all telemetry sources have connectivity required in order to interact with the Samurai XDR platform. This includes, but is not limited to, the ability to receive telemetry source feeds and evidence data as well as the ability to monitor and control any agents or virtual appliances installed in your environment for the purpose of providing the service.
- Respond to NTTSH communications in a timely manner and ensure attendance of the necessary resources for all meetings to ensure timely completion of onboarding and during service lifecycle.
- Bring a threat, identified in a security incident report, to closure.
Your overall responsibilities for the service can be found in the MDR Service Description.
Comments
0 comments
Article is closed for comments.