Sold by: NCC Group
NCC Group’s Managed Extended Detection & Response (MXDR) with Splunk, a solution built on Splunk technology available in AWS Marketplace, delivers 24/7 threat detection, investigation, and response across cloud, hybrid, and on-premises environments. Combining advanced analytics, automation, and expert human oversight, our service rapidly contains threats, supports cloud adoption, and reduces dwell time.
Tailored to the needs of mid-market and enterprise clients, our offering supports compliance, improves security maturity, and reduces the cost of ownership for modern security operations.
Overview
NCC Group’s MXDR with Splunk provides clients with a scalable, fully managed security operations capability. Delivered by our globally distributed Security Operations Centres (SOCs), the service is powered by Splunk’s Security Information and Event Management (SIEM) platform, enriched by NCC Group’s threat intelligence, automation, and incident response expertise.
We manage the full lifecycle of threat detection and response, from log onboarding to incident closure, allowing your internal team to focus on business priorities. Our experienced analysts, engineers, and detection specialists ensure that your telemetry is transformed into actionable cases, supported by well-defined playbooks and custom detection logic tailored to your environment.
Clients benefit from a modular service design, enabling integration with third-party tools such as EDR, cloud platforms, and SOAR technologies. Our MXDR is suited to regulated sectors including financial services, healthcare, energy, and critical infrastructure globally.
Core Service Features
- 24/7 threat monitoring and triage across cloud, on-prem, and hybrid environments
- In-house detection engineering responsible for over 40% of true positives
- Automated response options via Splunk SOAR or integrated playbooks
- Weekly reporting and incident trend insights
- Monthly service reviews with a dedicated Service Delivery Manager (SDM)
- Support for Microsoft, AWS, and Google Cloud telemetry ingestion
- SLA-backed response times
Add-On Modules
- This service can include an assessment of the security posture within your AWS environment.
- Leveraging AWS for optional long-term storage for compliance and forensic purposes
- Threat Hunting and Adversary Simulation
- Integration with EDR, NDR, Vulnerability scanning and Managed Canary services.
- Integration with Cribl Stream/Edge for data optimisation
Delivery Approach
- Onboarding within 4-8 weeks via a structured project approach
- Delivered as a managed service under contract
- Dedicated Service Manager, Security Engineers, and Incident Responders
- Fully cloud-hosted (Splunk Cloud hosted in AWS) or hybrid-hosted options available
- Support for multitenant and decentralised enterprise environments
Highlights
- Data sovereignty requirements
- Custom detection logic and use cases
- Integration with your existing security stack
Details
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Support
Vendor support
Full managed service supported by NCC Group’s Service Delivery Manager and Technical Operations support functions Get Support