24/7 expertise.
Unstoppable prevention.

Unit 42® Managed Detection and Response

Unit 42 excels in MITRE Engenuity ATT&CK Evaluations.

See how our Managed Services help you more effectively address threats.

Strengthen your security with MDR.

8 reasons why MDR is too risky to disregard.

Unit 42® MDR has been recognized as a Leader.

2024 Frost Radar™: Global Managed Detection and Response Market
WHY IT MATTERS

Security teams are challenged to keep up with the evolving threat landscape while also trying to be proactive.

  • The attack surface is expanding and threats are becoming more sophisticated.

    Complex investigations can delay response and result in increased attacker dwell times or missed attacks.

  • Security teams need help managing an endless backlog of alerts.

    Constant firefighting and reacting to competing priorities leaves little time for strategic initiatives or to hunt for new threats.

  • Organizations can’t hire and retain the seasoned analysts and threat hunters they need.

    This is exacerbated by a proliferation of security tools that are increasing complexity.

Boost your security operations capabilities with managed detection and response (MDR).

MANAGED DETECTION AND RESPONSE

Unit 42 MDR built on Cortex XDR offers superior detection and response

Rapidly increase your cyber defenses with 24/7 monitoring, expertise, threat hunting and remediation. Cortex XDR gives MDR analysts an advantage by automating data collection across endpoint, network and cloud, providing the critical insight and context needed to block attacks before they can impact your organization. You can start with managed endpoint detection and response and expand coverage over time for additional protection.
  • Threat detection and response
  • 24/7 monitoring and triage
  • Expert security analysis
  • Proactive threat hunting
  • Guided remediation

Unit 42 MDR

Extend Your Team with Unit 42 Experts

Palo Alto Networks Unit 42® experts work for you to detect and respond to cyberattacks, allowing your team to scale fast and focus on what matters most.

  • Enriched with World-Class Threat Intelligence

    Unit 42 analysts take advantage of extensive telemetry and threat intelligence from over 10 years of malware analysis experience, 30M+ new samples and 500B daily events to provide you with the most up-to-date protection.

  • Backed by Unit 42 Expertise

    With more than 200 analysts, researchers and engineers, Unit 42 is trusted by global CISOs. Unit 42’s seasoned analysts apply in-depth threat hunting and forensics knowledge to identify and contain threats before they become a breach.

  • Modeled after the Palo Alto Networks SOC

    Combining proven processes, infrastructure and automation from the SOC protecting the largest security company in the world, with our deep knowledge of XDR, we’ll rapidly respond to sophisticated threats.



Why Choose Unit 42 MDR?

Unit 42 has an experienced team of security analysts and consultants who have handled some of the largest cyberattacks in history. Our team of seasoned threat hunters, Cortex XDR experts and experts in threat intelligence will partner with your team to quickly identify and stop malicious activity most likely to impact your organization.

  • Layers of Expertise and Protection Giving you Confidence, 24/7

    World-class security experts will continually monitor your Cortex XDR environment for threats 24/7/365 as well as proactively hunt for emerging threats across your infrastructure.

  • Accelerated Response and Remediation

    Proprietary automations and processes will drive more accurate response and faster remediation.

  • Reduced Alert Fatigue

    Unit 42 can manage critical alerts – including endpoint, network and cloud alerts – from a single pane of glass. We can handle the alert triage and investigation so your team can focus on other, more strategic initiatives.

  • Improved Security Posture

    See immediate value with cyber hygiene reports with customized guidance on how to strengthen your security posture.

Augment Your Team with Cortex XDR Experts

Hear directly from Enloe Medical Center, a healthcare facility in California, about how they partnered with Palo Alto Networks to strengthen their security posture and improve efficiency with Unit 42 MDR.


Our XMDR partners

Our certified XMDR (eXtended Managed Detection and Response) partners have demonstrated world-class capabilities and expertise and offer a broad portfolio of specialized and tiered MDR offerings powered by Cortex XDR. Located throughout the globe, they provide proactive, always-on services to secure your business.

DNV Cyber (formerly Nixu Corporation)

Our MDR services secure you from cyberattacks with:
- Automation powered threat detection & response
- Skilled analytics & top expertise
- Managed technologies (Data, EDR, NDR)
- Threat hunting & intelligence, Incident response

Our services offer full visibility into endpoint & network to detect, contain, prevent cyberattacks and help to:
- Protect workstations, servers, IoT&OT devices in the cloud and on-premise
- Defend against data theft, ransomware, malware
- Identify data loss, access real-time data, alerts, investigation details
- Proactively manage the Attack Surface & Posture Management

Regional Availability: Global

Trustwave

Trustwave delivers threat detection and response services that provide security teams with deep visibility and advanced security expertise to help identify and respond to advanced threats as they arise.

Regional Availability: Global

Pricewaterhouse Coopers

PwC’s MDR combines proprietary threat intelligence, automation and a customized rule set of over 2,000 behavioral techniques to eliminate alert fatigue and allow for focus on truly important threats.

Regional Availability: Europe and Asia Pacific

Critical Start

CRITICAL START created the only cloud-based MDR platform purpose-built to resolve every security alert and reduce attacker dwell time, leveraging their MOBILE

Regional Availability: North America

BDO

BDO’s MDR service uses incident response methods and industry-leading technology to detect and respond to threats. This combines rule-based detection alongside the latest machine learning and automation techniques.


Regional Availability: Global

On2it

ON2IT's SOC-as-a-Service combines managed detection and response with Zero Trust-architected managed prevention and compliance services. Their in-house-developed mSOC Orchestration Platform offers deep integration with Cortex XDR.


Regional Availability: North America and Europe

7Layers

7Layers MDR delivers an extensive integration with Cortex XDR for real-time threat prevention, detection, investigation and response capabilities, providing increased visibility and comprehensive protection against today’s advanced threats. 7Layers’ professional services help tune Cortex XDR for high-fidelity threat detection across the whole environment, including network, endpoint, cloud and 3rd-party data.

Regional Availability: Europe

Elisa

Combining Cortex XDR and a unique Cyber Security Center, Elisa MDR provides a comprehensive cyber security solution that covers an organization’s end-to-end requirements to stay ahead of today’s latest threats. We help our customers to identify cyber risks, provide solutions for preventive cyber capabilities and offer 24/7 SOC capabilities for detection, investigation, response and recovery of cyber incidents.

Regional Availability: Europe

Orange Cyberdefense

Orange Cyberdefense is a threat research and intelligence-driven security provider offering unparalleled access to current and emerging threats. With over 25 years of experience in information security, more than 250 researchers, and 17 SOCs worldwide, Orange Cyberdefense addresses their customers' global and local security challenges. Orange Cyberdefense protects them across the entire threat lifecycle (anticipate, identify, protect, detect and respond) in more than 160 countries.

Orange Cyberdefense and Palo Alto Networks reinforce collaboration by proposing solutions to streamline security combining technology, skills, intelligence and platform-based services.

Regional availability: Global

Scitum

With more than 22 years in the market, Scitum TELMEX is the leader in cybersecurity in Latin America. We operate the main Cybersecurity and Cyberintelligence Centers, with 650+ specialists serving 1,820+ clients. We’ve built the most complete cybersecurity ecosystem in the region, with endorsements and collaborations across the community.

Regional availability: Latin America


KHIPU Networks

KHIPU offers flexible MDR services to meet organizations’ unique requirements, environments and priorities. Ranging from continuous alerting and notification only, to root cause analysis, response and mitigation – whatever the requirement is, our SOC MDR service platform can deliver what our customers need.

Region availability: Global

Telefónica Tech

Telefónica Tech is a leading intelligent cybersecurity and managed security services provider that offers best-in-class prevention, detection, automation and response capabilities. Telefónica Tech’s turnkey MDR service helps modern organizations to extend their detection and response operations by allowing them to offload the efforts of 24x7 alert monitoring, proactive threat hunting, and incident response, backed by Telefónica’s fixed technology stack.

Region availability: Global

Infoguard

InfoGuard's Cyber Defence Services combine high-level expertise and the latest technology such as Cortex XDR with the years of experience of our security experts and threat analysts. The Swiss Cyber Security Expert provides real-time threat prevention, detection, investigation and response, providing greater visibility and comprehensive protection against today's modern threats. With technology support and the CDC governance, InfoGuard’s CDC is able to respond immediately to a cyber-attack to disrupt the attack chain and prevent damage from adversaries.

Region availability: EMEA

SENTRIA by NETDATA

Sentria™ is a managed detection and response service integrated with technologies across Palo Alto Networks platforms to power up your SecOps team 24/7 and help them anticipate cyberattacks in the cloud, hybrid, and on-premises environments. Merging Netdata expertise with Palo Alto Networks and relentless customer service, we're redefining how security services are delivered.

Coverage region: Latin America and North America


Norlem

Norlem is an organization laser focused on cybersecurity. Rather than try to solve an unmanageable array of technology challenges, we channel all of our energy towards delivering the most competent level of cybersecurity service possible. Our origin and ongoing culture is engineering first, engineering last. This has led us to a different approach regarding how we form new customer partnerships; we earn them by demonstrating deep expertise in the technologies that we believe to be the best.

Region availability: North America


PricewaterhouseCoopers Tecnologia da Informação Ltda

PwC’s Managed Detection and Response services help clients secure their network, improve threat visibility and reduce response time to minutes. The service, named “Managed Cyber Defence”, is a tech and automation ecosystem that exponentially improves the ability to gain visibility and process complex security telemetry.

Region availability: Brazil and Latam


ADEO

ADEO’s MDR service provides 24x7 monitoring, analysis, investigation and response to security incidents. Developed by leading cyber security professionals with unmatched expertise, the service helps all organizations reduce attack dwell time by preventing breaches before they happen.

Regional availability: EMEA


LinearStack

LinearStack's MDR service is designed for organisations that want to strengthen their cybersecurity posture but do not have the time and resources to manage all their security operations in-house. At LinearStack we’ve combined Cortex XDR with our 360-degree approach to cyberdefence to ensure our SOC works at pace to investigate, respond to and hunt for advanced stealthy threats 24x7x365. By working with an established SOC you can expect LinearStack to onboard, tune, and operationalise Cortex within weeks, bolstering your cyberdefences faster and leaving your team free to focus on strategic projects.

Regional availability: APAC


Lumifi Cyber

Lumifi Cyber is a 24x7 Managed Detection and Response provider. Lumifi delivers its services through a transparent co-managed model with customers ranging from 50 to 85,000 employees in a wide variety of industries across 4 continents.

Regional availability: Global


Netsecurity

Netsecurity 24/7 MDR services consist of a SOC that actively uses automation tools (XSOAR) and playbooks. Combined with a working IRT team, we can do forensics based on incidents from various sources such as endpoints, firewalls, cloud services, SIEM tools etc. The incidents are mapped to the MITRE ATT&CK® framework to classify the type of incident and where in the attack chain the incident is detected. Mapping incidents to MITRE ATT&CK® enables the platform to quickly identify where in the attack kill chain an incident was discovered. The result is a quick and reliable response back to the customer environment through API integrations.

Region: Nordics


NVISO

NVISO’s 24x7 Managed Detection & Response offering is based on Cortex XDR and XSOAR technology. Leveraging this industry-leading technology, our experienced experts can support customers through the entire cyber security incident lifecycle. The NITRO platform supports NVISO’s Managed Services and allows us to integrate a variety of security solutions to enable efficient orchestration, automation and response.

NVISO is a European company with offices in Brussels, Frankfurt and Munich employing around 150 cyber security experts.

Region: Europe


Conscia

Conscia's 24/7 MDR services are based at NIL (Part of Conscia) with local cyberdefense team representation. Conscia’s turnkey MDR services can be tailored to your organization, and deeply integrated with all Palo Alto Networks technologies, whereby XSOAR is the orchestration and automation engine for all services.

The service includes, among other capabilities: alert monitoring on many platforms, proactive threat hunting and incident response.

Region: Europe


TATA CONSULTANCY SERVICES

Tata Consultancy Services is an IT services, consulting and business solutions organization that has been partnering with many of the world’s largest businesses in their transformation journeys for over 50 years. TCS offers a consulting-led, cognitive powered, integrated portfolio of business, technology and engineering services and solutions. This is delivered through its unique Location Independent Agile™ delivery model, recognized as a benchmark of excellence in software development.

Regional Availability: Global

Driven Technologies

Driven Technologies' 24/7 MDR services leverage a powerful automation tool (Cortex XSOAR) as the nucleus of our SOC, and can ingest alerts from multiple sources such as SIEM, EDR, vulnerability management tools, and cloud services. With a platform built to leverage the MITRE ATT&CK framework, Driven's threat intelligence feeds allow our SOC analysts to improve threat hunting and create high-fidelity alerts which drastically reduce noise and alert fatigue that many SOC operations struggle with. Driven Technologies' platform also provides enhanced business intelligence with our Cyber Risk Scorecard, creating unprecedented visibility into improvements of an organization's security posture.

Regional Availability: North America


Innotec Security

From November 2023, Innotec Security is part of Accenture, consolidating our position in Spain with over 800 employees. With more than 20 years of experience, Innotec Security continues to be the leading cybersecurity services company in Spain. Over 250 organizations, including the main IBEX 35 companies, as well as Spanish and international public bodies such as NATO, UN, OAS, CCN/CNI and INCIBE, feel cybersecure thanks to Innotec Security's services and care.

Region: Latam and Europe


Help AG

Our CSOC is comprised of top-level security analysts and monitors, analyses and responds to security events occurring within your infrastructure 24/7/365, by utilizing state of the art, customized and fine-tuned SIEM and SOC supporting technologies. Help AG MDR focuses on delivering services locally, in line with leading security policies, frameworks, and technologies, by highly competent resources developed over years of protecting our customers. The offering has differentiated itself by delivering flexible services which combine security event management, infrastructure monitoring, and incident response for our customers either through remote or on-site response teams defined by strict SLA

Region: UAE, KSA


NCL

Net Consulting Ltd.’s UK-based XMDR service provides real-time detect & respond capabilities, backed by 24/7 automation, designed to protect an organisation’s processes and digital assets against cyber threats. The service can be tailored for businesses of any size, but Net Consulting Ltd. specialises in delivering MDR services into mid-market organisations. Run from ‘Floodlight®’ - a Palo Alto Networks Cortex XDR and XSOAR powered UK sovereign SOC, Net Consulting’s team of security analysts monitor networks, users, devices and data to detect and respond to risks. The company also operates a UK Government classified List X facility, in support of their defence practice.

Regional Availability: UK and Ireland

Entel Ocean

Our MDR service, with 7x24 coverage, delivered from Chile, enables organizations to partner with a highly qualified team of analysts, specialists, forensic experts and cybersecurity incident responders to reduce detection (MTTD) and response (MTTR) times against threats and cyber-attacks. We also help with preventing risks from materializing by significantly improving your security posture. Backed by the Entel Ocean security technology stack.

Regional Availability: Latam


Inspira Enterprise India Limited

Overview: Inspira's Cyber Fusion Centers automate incident response for customers with Cortex XSOAR optimized frameworks delivering automation, orchestration, and faster response time for incident management.

Region: Global


Deloitte Touche Tohmatsu India LLP

Overview: Deloitte Touche Tohmatsu India LLP (Deloitte India) offers complete and end-to-end technology-based cyber incident response services to businesses in India using Cortex XSOAR. The collaboration brings together Deloitte’s cyber incident response services with Palo Alto Networks Cortex XDR detection and response technology designed to help businesses rapidly contain and eradicate cyberattacks from the affected environment, limit the impact of an attack on the business, and preserve the integrity of data and Information Technology/Operational Technology systems affected by the incident.

Region: APAC


GrowPro Consulting & Services Co., Ltd

GrowPro MDR offers turnkey MDR Services powered by XDR with the people, expertise and processes necessary to provide superior and rapid response for endpoint, network and optional managed threat hunting. These services are delivered with 24/7 expert engagement from the GrowPro MDR team.

Region of service delivery: ASEAN


Telia Cygate

Telia Cygate is a leading supplier of secure and managed IP-network solutions and system integration in the Nordic region. Telia Cygate custom-tailors platforms that enable companies to handle all their communications in one solution. Telia Cygate offers a complete solution or a choice of services, products and solutions for IT infrastructure.

Region of Service: EMEA


SCALTEL AG

Depending on the maturity of your IT security infrastructure, we deliver services from rapid onboarding with maximum flexibility to a fully managed zero trust solution.

We offer our service from the end device over the network to the OT environment.

In addition to classic threat hunting, we work with you to manage vulnerabilities and build or expand your information security program.

Region of Service: Global


Delta Spike Pte Limited

DeltaSpike Managed Detection and Response (MDR) powered by Cortex XDR provides continuous event monitoring, around the clock with rapid incident management capabilities. This comprehensive and adaptive service leverages real-time and historical detection capabilities, correlation, orchestration, and global threat intelligence. DeltaSpike MDR delivers continuous threat protection, risk mitigation and reduction, and security expertise to comprehensively secure your business with Cortex XDR-certified SOC analysts available to you on a 24/7 basis. These capabilities are complemented with a complete bespoke service suite of a wide array of cyber security services available at a dial.

Region: APAC


Nomios

Nomios designs, secures and manages digital infrastructure for large and small organisations. Our enthusiastic and dedicated professionals develop innovative solutions for your security and network challenges. We deliver our best work by fusing extensive experience with analytical thinking and creative strength. Nomios has over a decade of experience in security and networking for enterprises, data centers and telecommunication companies. This sets us apart from pure players in the enterprise security industry, and allows you to streamline security with networking and IT infrastructure services. Since 2021, Nomios has utilized Cortex XSOAR to deliver security automation into the Modern SOC.

Region: Europe


Red Canary

Red Canary stops cyber threats no one else does, so organizations can fearlessly pursue their missions. We do it by delivering managed detection and response (MDR) across enterprise endpoints, cloud workloads, network, identities, and SaaS apps. As a security ally, we define MDR in our own terms with unlimited 24×7 support, deep threat expertise, hands-on remediation, and by doing what’s right for customers and partners.

Region: North America

THEIN

Overview: Thein Security, part of the Thein Group, specializes in cyber security. We offer comprehensive cyber protection services for companies including data leakage prevention, sophisticated attack defense, malware detection, and active anti-DDoS solutions. Our Security Operations Center (SOC) serves customers who simultaneously want to focus on their business and maintain data security.

Region: Czech Republic


Exaprobe

Exaprobe is committed to providing their customers with the best endpoint protection technologies, backed by exceptional services, to ensure complete security across their entire environment. Exaprobe combines the power of the Cortex XDR best-in-class detection and response solution with its managed services offerings to help their customers around the world streamline security center operations (SOCs) and rapidly mitigate cyber threats.

Regional Availability: EMEA


IBM

IBM partners with Palo Alto Networks to offer security operations transformation, deployment and management services for the full Cortex product suite. IBM Security® Managed Detection and Response is part of the industry’s broadest portfolio of MDR and IDPS solutions that manage the full threat management lifecycle. We provide turnkey support for leading XDR, endpoint and network security technologies to eliminate vendor lock-in and improve your security posture.

Regional Availability: North America, Europe and JAPAC


SmartIT

SmartIT is a leading security service provider supporting your business globally. We empower your security operations team with managed threat detection dedicated to detecting and responding to threats and digital risks by delivering proactive security operations based on Cortex solutions as an industry-leading MDR and a Cortex-specialized partner of Palo Alto Networks.

Regional Availability: EMEA


CDW

CDW MDR powered by Cortex® XDR™ delivers continuous threat protection, risk mitigation and reduction and security expertise to comprehensively secure your business. CDW’s 24/7/365 Security Operations Centers stop never-before-seen threats with a single cloud-delivered agent for endpoint protection, detection and response supported by industry-leading service level agreements (SLAs).

Regional Availability: North America

mnemonic

Our expert team of security consultants, product specialists, threat researchers, incident responders and ethical hackers ensures we stay ahead of advanced cyberattacks and protect our customers from evolving threats. Acknowledged by Gartner as a notable vendor in delivering Managed Detection and Response (MDR) services, threat intelligence and advanced targeted attack detection, we are among the largest IT security service providers in Europe and a trusted source of threat intelligence to Europol and other law enforcement agencies globally.

Regional Availability: EMEA


Barikat Cyber Security

BARiKAT MxDR Service is aimed at enhancing threat detection and response, operational efficiency, compliance, reducing cyber risks, increasing cyber resilience, and improving manageability by integrating products used in threat detection and response infrastructure within BARİKAT SOC operation.

Regional Availability: EMEA


RightSec

RightSec empowers your organisation's cybersecurity defences with our 24/7 XMDR certified services. A total security provider, RightSec offers comprehensive threat detection, rapid incident response, and seamless integration across your entire digital infrastructure. With the best SLAs in the market, simplified and effective reporting, and strong communication, our highly qualified team will help you stay ahead of evolving cyber threats, and safeguard your business with our next-generation XMDR services.

Regional Availability: JAPAC


HABOOB

HABOOB provides Managed Security Operations Center (MSOC) service using cutting-edge technologies and AI from our partners which is operated by our cybersecurity experts to assure 100% detection rate for all of our customers over 24/7. To continue our goal, HABOOB partnered with Palo Alto Networks to provide Cortex XDR as part of its MSOC service which is considered one of the best XDR solutions.

Region of service: EMEA


Cyberani

Cyberani, an Aramco Digital company, is a leading cybersecurity services provider in Saudi Arabia and the wider region. We utilize cutting-edge technologies to deliver Managed Security Operations Center (MSOC) services and Managed Detection and Response (MDR) services, powered by Palo Alto's Cortex XDR. With two active SOC centers in the Kingdom, we assure our customers of continuous, non-stop 24x7 MSOC and MDR services, as well as incident response capabilities using proprietary threat intelligence feeds.

Region of service: EMEA


GBM | Cor. by GBM

GBM is a leading digital transformation provider in the Middle East, offering its flagship Managed Detection and Response (MDR) service powered by GBM proprietary cyber defense platform “Cor.” GBM MDR provides 24/7 monitoring, machine-speed threat detection, investigation, incident response, along with a maturity program that enhances clients' cybersecurity posture. GBM's MDR service stands out with its tailored approach, leveraging top providers like Palo Alto Networks through thousands of built-in integrations. Backed by 30+ years of regional experience and 7 local offices, GBM ensures compliance with local regulations addressing the unique security challenges in the Middle East.

Region of service: EMEA


XMDR by SONDA

XMDR by SONDA is designed for organizations that require more than conventional security. SONDA’s XMDR service offers comprehensive visibility and proactive protection across your entire IT landscape, ensuring threats are detected, contained, and eliminated before they can impact your operations.

Key Features of XMDR by SONDA:

  • Cross-Layered Threat Visibility
  • Enhanced Threat Intelligence with Advanced AI
  • Proactive Threat Hunting and Forensics
  • Rapid, Automated Response and Containment

XMDR by SONDA combines extended visibility, advanced automation, and proactive defense to offer your organization complete protection in the face of modern cyber threats.

Region of service: LATAM


Controlware GmbH

Controlware's modular, 24/7 Cyber Defense Services are delivered by certified cybersecurity analysts and reverse engineers with decades of experience. Leveraging cutting-edge technologies such as Cortex XDR, XSOAR, and XSIAM, the team provides comprehensive threat detection, containment, and response. With Service Level Agreements (SLAs) in place, Controlware offers rapid and precise threat mitigation and analysis. By actively engaging with your infrastructure, the team can disrupt threats 24/7 in real time with pre-approved procedures, even outside of your team’s office hours.

With transparent, tiered service pricing and a streamlined onboarding process, Controlware can secure your organization in less than a week, minimizing downtime and significantly reducing risk. Controlware’s services hold ISO 27001 and ISO 9001 certifications.

Region of coverage: EMEA
