Frequently Asked Questions

Please look over our commonly asked questions below. If a question you have has not been listed, then you can reach out to us on our Contact Us page and we would be happy to reply to you as soon as possible. If you are a customer, additional information is available through your customer portal.

  • How does MXDR save money for my organization?

    MXDR helps organizations save money by reducing the cost of security incidents and downtime, increasing the operational efficiency of existing IT resources, reducing legal costs and fines associated with compliance violations, and consolidating certain security tools that you may already be paying for separately. By providing comprehensive protection across an organization's entire IT environment, MXDR can help organizations minimize the risk of a cybersecurity breach and the associated costs (see next FAQ).

  • What are the consequences of a cybersecurity breach?

    Here are some of the consequences a business might face with a cybersecurity breach.

      • Business Disruption: A loss of critical infrastructure can disrupt business operations, resulting in lost productivity and revenue. In some cases, businesses have had to shut down completely to remediate the breach.
      • Financial Loss: This includes the cost of repairing the damage, investigation  and fines/legal costs if sensitive customer data is exposed along with any compensation for those affected.
      • Intellectual Property Theft: If your company is built around intellectual property, there is a good chance you could be a target for corporate espionage. Adversaries will quietly live on your network and extract trade secrets, patents, and other confidential information.
      • Regulatory Compliance: A breach can result in regulatory compliance issues, including violations of data protection and privacy regulations. This can result in fines and litigation, as well as damage to the business's reputation.
      • Reputation Damage: A loss of customer information can damage a business's reputation, resulting in a loss of customer trust and loyalty. This can have long-term consequences for the business, including a loss of revenue and market share.

  • How does MXDR improve my organization’s cybersecurity?

    MXDR provides threat detection and response by providing a comprehensive view of an organization's entire infrastructure, allowing us to identify and respond to complex attacks. It leverages advanced analytics and machine learning to detect threats that would otherwise go unnoticed. And once a threat is detected, our 24/7 Security Operations Center is there to intervene and help ensure that you can continue to do business as usual.

  • I have antivirus on my computers, why do I need MXDR?

    While reactive antivirus software is an important component of a comprehensive cybersecurity strategy, it is not nearly enough on its own to protect against the increasingly sophisticated cyber threats faced by organizations today. Antivirus looks at things in isolation and is mainly focused on known malicious files. MXDR uses advanced analytics and machine learning on a vast variety of indicators to detect and respond to new and emerging threats in real-time, providing proactive protection against sophisticated attacks. Our service does include NGAV (Next-Generation Anti-Virus) as well, adding to its value.

  • Can you customize the service for my organization?

    Eventually we may consider this for larger organizations, but right now the focus is on a standardized service that allows us to keep costs down without compromising the effectiveness of our MXDR. Our goal from the start was to make sure that enterprise-class protection was accessible to all levels of business, and that is going to continue to be our priority. Large companies benefit from this value as well.

  • What is an endpoint?

    Windows, Linux and Mac are the traditional endpoints that we defend. MXDR, however, incorporates additional sources of data as endpoints; logs from your firewalls and other security devices for example. The power of MXDR comes from the ability of machine learning and AI to identify meaningful patterns and behaviors amongst these data sources, both in isolation and holistically.

  • What kind of data do you collect?

    You may be more interested in what we do not collect. Security Farm does not collect the contents of files, documents, or any other personal information. We collect security metadata; data that describes other data. An example would be the source and destination IP addresses of network traffic, the user account associated with that particular activity, the type of activity or event that occurred, and the time and date that it took place.

  • What data sources does MXDR integrate with?

    Security Farm MXDR integrates with over 200 unique data sources, with more sources constantly being added. Machine learning and AI can recognize important patterns and relationships between these data sources that human analysis alone cannot. During the onboarding process we will work with you to determine what data sources we can leverage.

  • Can MXDR be used in cloud-based environments such as AWS or Azure?

    Yes, part of what makes up MXDR is the ability to traverse traditional boundaries to provide comprehensive protection in a hybrid environment.

  • How long does the onboarding process take?

    The onboarding process should take less than 30 days. Security Farm provides deployment instructions, but we do not provide any administration of your network; your personnel will ultimately be responsible for installing the agent. Don’t worry though, it is not particularly difficult to deploy and it will update automatically.

  • What affect does this have on my system performance?

    Our agent actively protects your endpoint and collects data, but it does not process that data. The impact on your system performance should be minimal. As with any administrative changes, your IT department can roll it out incrementally and monitor its resource usage.

  • What is SOAR?

    SOAR stands for Security Orchestration, Automation and Response. By integrating and automating our security tools and processes, Security Farm Analysts are able to focus their time on what matters; identifying and responding to threats.

  • What is a Public Benefit Corporation?

    A traditional corporation is legally required to prioritize profit or “shareholder value”. A public benefit corporation allows us to put your security first. The official, legal purpose on which the Security Farm is incorporated is “Domestic Cyber Security”.

  • What is an I-Corporation?

    Internally the I-Corporation structure is our voting and profit distribution model, the details can be found here (link). What it means is that Security Farm is an employee-owned company where profit is ethically, incentively distributed and employees are empowered within the organization.

  • Does Security Farm perform incident response and forensics?

    We do not provide incident response and forensics. MXDR is focused on preventing this need in the first place. If your network has already been severely compromised, you will likely need a different team to remediate first. Afterwards, we would be glad to help prevent that from happening again.

  • Is Security Farm MXDR a managed SIEM?

    While our service uses a SIEM on the backend, customers do not have direct access to interact with the data. Data Analysis, Alerting and Reporting are managed by our 24/7 Security Operations Center, and you will have access to security dashboards that keep you informed of what’s going on.

  • Is Security Farm MXDR a Security Operations Center as a Service (SOCaaS)?

    Somewhat. If you have been researching cybersecurity solutions, you may have noticed there are a lot of different industry terms. Security Farm MXDR is ran by our 24/7 SOC, but there are a few aspects that may be associated with a Security Operations Center that we do not currently provide. One such aspect is compliance and vulnerability assessment. While we might be able to offer you general advice or identify (and report) vulnerabilities indirectly, these are not services that we currently provide.