MDR

Managed Detection and Response. A security service model where a third-party provider operates detection and response capabilities on behalf of the client — including monitoring, threat hunting, incident investigation, and containment. MDR differs from EDR in that MDR is a service (with human analysts), while EDR is a product category. Huntress is an example of an MDR service built specifically for MSPs.

MDR vs. EDR

EDR is a software tool. MDR is a managed service that typically uses EDR tooling plus human analysts.

Common examples

Huntress, Arctic Wolf, Deepwatch, Secureworks Taegis.

Why it matters

Most SMB clients cannot afford or staff a dedicated SOC. MDR delivers SOC-quality detection at a price point that works for the SMB market.