Managed Detection And Response (MDR)

Today, organizations utilize numerous security products and services. Most are standalone and too slow to catch modern day attacks until after the payload has been delivered. Hackers are also relying more on “living-off the-land” strategies: leveraging existing IT technologies and user accounts for malicious purposes. As a result, detecting and analyzing hacker tradecraft often takes significant time, technical expertise, and resources. The Pegasus SNAP-Defense security operations and incident response platform is a gamechanger. SNAP-Defense excels at monitoring and catching modern hacking tradecraft, delivering real-time alerts, and allowing for immediate threat response.

Satisfies Many Cybersecurity Compliance And Reporting Requirements

Pegasus SNAP-Defense is a Security Operations and Incident Response platform that will not only detect and halt breaches in their earliest stages, but will also automatically generate dynamically updated compliance reports for you; greatly simplifying the compliance and regulation portion of doing business and allowing you to focus on other areas that need attention.

SNAP-Defense Is Competitively Priced And Offers Significantly More Capabilities And Value Than Competing Solutions.

See it in action!

Learn more or schedule a demo by contacting us at 610-444-8256 or

Identify Threats in Realtime Using SNAP Patented Detection Technology

  • Immediate network enumeration detection
  • Immediate lateral spread detection
  • Immediate remote privileged activity detection
  • Immediate malware event detection (with managed antimalware integration)
  • Immediate process hash and process tree visibility during an alert
  • Immediate removable storage detection
  • Immediate syslog-based threat alerting with automated context enrichment
  • Continuous and custom monitoring of Windows process and service threat indicators
  • Automated alert correlation and enrichment, including affected devices’ users, VLANs, hostnames, OS versions, and more
  • Customizable suppression rules reduce threat event operator/analyst overload
  • Realtime SMS and email threat notifications
  • Integrates, consolidates, and enriches alerts from numerous 3rd party security applications, including Sophos, Cisco AMP, Meraki, and more

Identify Security Risks and Ensure Continuous Compliance

  • Quickly generate real-time and historical reports

Summary Report:

  • Outstanding alerts by criticality, type, and time
  • Overall system health and status
  • Suppressed events by type and time

Compliance Report:

  • NIST 800-171
  • NYCRR-500
  • Sarbanes-Oxley
  • CJIS

Privileged Activity Report:

  • New/most/least active privileged users
  • New/all remote executions
  • Remote executions by user and application
  • New/all RDP activity
  • RDP activity by user, source, and destination
  • New/all privileged share activity

Security Events Report:

  • Antimalware events by severity, type, and time
  • Process and service threats by severity, type, and device
  • New attack sources and targeted devices
  • New point-to-point connections
  • New/all USB activity
  • USB activity by device
  • New/all malware persistence techniques

Network Report:

  • Detected enumeration activity
  • Enumeration activity by source, destination, and time
  • Core network change detection
  • SNMP community strings
  • Insecure core network passwords
  • Network Management devices, including TACACS, SNMP, NETFLOW, SYSLOG, NTP, and RADIUS

Stop Threats in Realtime with Built-in, Immediate, and Effective Response

  • Point-and-click response to detain compromised devices
  • Easily understandable alerts enable rapid triage by Tier 1 analysts with detailed data for Tier 3 analysts
  • Custom detainment notification message to device users
  • Immediate notifications of un-detained devices
  • Preserves compromised device state for follow-up forensics and threat analysis
  • 3rd-party response orchestration

Gain Unparalleled Live Insight into Privileged User Activity and Behavior

  • Identify privileged user accounts
  • View privileged user activity, including network shares, remote desktop, remote execution, and more
  • Detect low-frequency privileged activity
  • Automatically reports new, previously unseen privileged users and activity
  • Immediately identify privileged insider threat

Microsoft 365 Security Add-on for 24/7 True Managed Detection + Response

  • Accounts Created/Deleted
  • Altered Administrator Roles
  • Too Many Login Attempts
  • Sign-in from Unauthorized Country
  • Email Impersonation
  • SharePoint or OneDrive Files Shared Publicly
  • SharePoint Site Deletion
  • Accounts Generating Spam
  • Ensure Audit/Mailbox Logs Always On
  • MFA Authentication for Administrators
  • No Scripting (PowerShell) Privileges for Non-administrators
  • Block Dangerous Email Attachments
  • Block Mail Forwarding Rules
  • Block Third Party Applications
  • Limit External Information Leakage
  • Block Top Spamming Countries


Companies in every industry have an obligation to not only secure the information they collect, but also to stay compliant with the regulations that are in place for each of their particular industries. This may seem like an extremely daunting task, but these regulations are in place to improve information security. Also, non-compliance can result in severe fines.

SNAP-Defense is a Next Generation Security Operations and Incident Response platform, providing the best earlystage breach detection and response capabilities on the market. Auditing is made easy with a convenient reporting module built-in to the platform. Generate dynamically updated reports with the click of a button. Support links are included in the report to immediately access the relevant data from SNAP-Defense for each supported sub-section of the framework.

With SNAP-Defense alone, organizations can address over half of the NIST 800-171 compliance checklist. When integrated with an anti-virus solution, the suite addresses over two-thirds of the checklist.

Key Benefits:

Learn more or schedule a demo by contacting us at 610-444-8256 or