Managed Detection and Response
Welcome to your Managed Detection and Response trial. By now you should have received an email invitation to log in to the Managed Detection and Response (Adlumin) Portal.
The activation link in the email invitation is only active for 72 hours.
Managed Detection and Response is powered by Adlumin and will be primarily collecting data in three ways:
- Agent-based, deployed on an endpoint (Windows, Mac, and Linux on-prem or in the cloud).
- Syslog through a virtual collector – can be installed on-prem or in the cloud.*
- Through direct API access – for example, M365, Google Workspace, AWS CloudTrail, Okta, Duo, many AV / EDR tools, etc.
*To collect logs via syslog from on-prem devices/services (like firewalls) or devices in the cloud that only send syslog, you need to build a virtual collector. This device is a virtual machine that collects syslog, encrypts the data, and sends it to Adlumin in the cloud, acting as a go-between for sending logs to the Adlumin cloud.
To fully optimize the Managed Detection and Response service, configure the tenant for data collection in preparation for your POV Kick-Off Meeting.
Steps to follow:
- Log in to Adlumin and go to Downloads.
- Download a Windows installer (an MSI file that can be installed on both servers and workstations) and “Adlumin Forwarder - UbuntuServer v.20.04 x64”. The latter is an .OVA file that will run on ESXi version 6.5 or Hyper-V Server 2019+.
If you or your clients do not have access to a VM, we also provide a Windows standalone agent that can be deployed on a device (workstation/server) inside the network to collect syslog data.
How to make the most of your trial
To help you get started, we have curated a set of resources designed to guide you through the initial setup and use of Managed Detection and Response, ensuring you have everything you need to make the most of your trial:
- Trial Instructions: This guide covers the steps to get up and running with Managed Detection and Response, including the kick-off meeting agenda and preparation, setting up a live client for trialing, and additional useful resources. This guide is also available as a PDF.
- Resource Package: A zip file containing a collection of scripts and guides for deploying the Windows Syslog collector and Managed Detection and Response Agent via N-central and N-sight, configuring VAR Azure integration, and simplifying infrastructure setup.