Threat Review

What is a Threat Review?

A Threat Review is a meeting between Samurai Security Operation Center (SOC) Analysts your assigned Cybersecurity Advisor (if applicable) and your designates with the goal of ensuring your organization derives maximum value from the Samurai Managed Detection and Response (MDR) service.

Threat Reviews include:

review of any reported security incidents within the time period
recommendations to improve detection and response
follow-up and tracking to ensure reported threats are handled and mitigated
dialogue around detection and emerging threats

How often are Threat Reviews conducted?

Threat Reviews are conducted quarterly with a standard Samurai MDR subscription and are typically scheduled during onboarding.

For clients’ that prefer a dedicated senior-level resource and a monthly candence of Threat Reviews the Samurai Cybersecurity Advisor is available as an add-on subscription.

Where can I find more information?

Review MDR Threat Reviews and/or SamurAI Cybersecurity Advisor Service Description.

Threat Reviews and the SamurAI MDR Portal

Threat Review information is available within the Samurai MDR Portal after being published by the SOC. Publication of a new Threat Review will typically occur 24hrs before the scheduled meeting.

To access Threat Reviews, click on Threat Review from the main menu.

A visual indicator is displayed beside the Threat Review menu item displaying the number of published Threat Reviews that may require your review.

The Threat Review landing page displays all Threat Reviews to date for your Samurai MDR subscription and also documented Action Points.

Figure 1: Example Threat Reviews

Threat Review Fields

Find information related to Threat Review fields:

1. Reference

Reference number of the Threat Review

2. Status

Each Threat Review has a status:
- Published - a newly created Threat Review for the given time period
- Closed - Threat Review is closed after meeting with client designates

3. Title

A given title for the Threat Review typically based on the time period.

4. Start Date

Start date for all detail within the Threat Review.

5. End date

End date for all detail within the Threat Review.

Action Points

Action Points are typically tasks that have been documented during a Threat Review. Actions points are tracked over the subcription period and once actioned updated as Completed.

Figure 2: Example Action Points

What now?

Click on a Threat Review listed within the landing page to view more detail. Review Threat Review Detail for additional information.