    MXDR with Splunk

    Sold by: NCC Group 
    NCC Group’s Managed Extended Detection & Response (MXDR) with Splunk, a solution built on Splunk technology available in AWS Marketplace, delivers 24/7 threat detection, investigation, and response across cloud, hybrid, and on-premises environments. Combining advanced analytics, automation, and expert human oversight, our service rapidly contains threats, supports cloud adoption, and reduces dwell time. Tailored to the needs of mid-market and enterprise clients, our offering supports compliance, improves security maturity, and reduces the cost of ownership for modern security operations.

    Overview

    NCC Group’s MXDR with Splunk provides clients with a scalable, fully managed security operations capability. Delivered by our globally distributed Security Operations Centres (SOCs), the service is powered by Splunk’s Security Information and Event Management (SIEM) platform, enriched by NCC Group’s threat intelligence, automation, and incident response expertise.

    We manage the full lifecycle of threat detection and response, from log onboarding to incident closure, allowing your internal team to focus on business priorities. Our experienced analysts, engineers, and detection specialists ensure that your telemetry is transformed into actionable cases, supported by well-defined playbooks and custom detection logic tailored to your environment.

    Clients benefit from a modular service design, enabling integration with third-party tools such as EDR, cloud platforms, and SOAR technologies. Our MXDR is suited to regulated sectors including financial services, healthcare, energy, and critical infrastructure globally.

    Core Service Features

    • 24/7 threat monitoring and triage across cloud, on-prem, and hybrid environments
    • In-house detection engineering responsible for over 40% of true positives
    • Automated response options via Splunk SOAR or integrated playbooks
    • Weekly reporting and incident trend insights
    • Monthly service reviews with a dedicated Service Delivery Manager (SDM)
    • Support for Microsoft, AWS, and Google Cloud telemetry ingestion
    • SLA-backed response times

    Add-On Modules

    • Assessment of the security posture within your AWS environment
    • Optional long-term storage in AWS for compliance and forensic purposes
    • Threat Hunting and Adversary Simulation
    • Integration with EDR, NDR, vulnerability scanning, and Managed Canary services
    • Integration with Cribl Stream/Edge for data optimisation

    Delivery Approach

    • Onboarding within 4-8 weeks via a structured project approach
    • Delivered as a managed service under contract
    • Dedicated Service Manager, Security Engineers, and Incident Responders
    • Fully cloud-hosted (Splunk Cloud hosted in AWS) or hybrid-hosted options available
    • Support for multitenant and decentralised enterprise environments

    Highlights

    • Data sovereignty requirements
    • Custom detection logic and use cases
    • Integration with your existing security stack

    Details

    Delivery method

    Deployed on AWS

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    Fully managed service supported by NCC Group’s Service Delivery Manager and Technical Operations support functions.