G’Secure labs follows a methodology to offer a service that’s most relevant to the size, state and security maturity of the customer with advanced protection with an engagement model to get the most possible value for the customer.

  • Assess

    Understand security maturity to position services appropriate to the customer

  • Engage

    Setup an engagement and governance model for regular reviews, escalations, and day to day working.

  • Deploy

    Remote or onsite deployment of lightweight (vent on endpoints for G’Shield, and deploy SIEM + connector for G'Recon.

  • Manage

    Involves collection, analysis, response and remedi-oton of security risks arid threats during the service delivery phase



Understand security maturity to position services appropriate to the customer.

How is it done:

Mostly online questionnaire followed by a discussion


If customer has high or medium security maturity, then initiate MDR services If customer has low maturity then

  • Propose advisory services to identify gaps, generate guidelines, provide suggestions and create incident response plans. Then initiate MDR services.
  • For IT security products & solutions, refer to GSecurelabs or a local IT reseller



To setup an engagement and governance model for regular reviews, escalations and day to day working.



To deploy MDR technology for protection in customer endpoints for G’Shield

To deploy SIEM in customer network (and connector in endpoints) for monitoring and analytics at our CSOC for G'Recon

How is it done:

Deployable remotely by G'Securelabs or onsite by Customer

  • MDR technology offering protection running in customer endpoints and can be managed and monitored from our CSOC
  • SIEM deployed in customer network for monitoring, reporting and analytics from our CSOC



To monitor and protect customer endpoints from threats and inform (and assist to address) important issues to customer in G'Shield

To coordinate with customer to remediate issues in G'Recon.

How is it done:

With combination of our MDR technology and security envangelists in G'Shield offering we Collect endpoint traffic, Monitor endpoint data in near real time, Analyze data to spot threats, Respond to automatically block threats and clean infections wherever possible, Raise alerts and inform customer and provide assistance to address the threat. With G'Recon we additionally collect data in SIEM to monitor and analyze it to spot suspicious activity, respond by raising an alert and coordinate with customer to remediate it.

How we deliver MDR services

MDR Offering Brief Description How we do it
AI-driven and ML-based Threat Protection
  • AI driven threat intel augmented with human intelligence and experience
  • Behavioral analysis driven threat mgmt. & response
  • Identify IOC and IOA using ML capabilities of Next-Generation Anti-Virus
  • Our security experts then eradicate the root cause using the Prevention Policies for the Endpoints and /or manually.
Threat Anticipation Includes anticipating the threats and determine threats that might occur
  • Industry and Manual threat feeds / correlation
  • Security experts at CSOC apply latest attacker TTPs to continuously analyze the threat / attack patterns and apply to customer network based on relevance to detect (rules) and respond to them.
Response Orchestration (Auto-resolution, Auto-quarantine threats) Orchestrating response as security administrator would do to detect and address attacks automatically or manually
  • Automatically block attacks, clean infections, quarantine threats
  • Incident reports with chain of events and remediation steps to help customer address threats easily
Threat Hunting Security Analytics is used for security, user and IT data to enable and detect unknown and hidden threats which otherwise can be very hard or impossible to detect. Specialized hunting team analyses data from endpoint and network activity, risk assessment, vulnerability analysis to detect threats that may have bypassed other security controls
Security Monitoring This includes detection of threats through application with rules to logs and security events

Monitor traffic and endpoint-user-network activity to identify and analyze patterns, trends, outliers that pose risk for the organization. Operationalizing available SIEM technologies can be hard utilizing more time without desired possible outcomes.
  • Monitor data to identify suspicious behaviour and abnormal activity by Fine tuning the rules for detecting threats and non-compliances.
  • Monitor custom blockings provided by customer (whilelisting & blacklisting)
  • Monitor exploit blockings
  • Monitor IoC
Alert Response This bridges alert notifications to incident response plan and activation
  • Triage the alerts for most relevant threats and then investigate for potential impacts to assets
  • Provide an incident analysis report that describes attack, potential impact, severity and suggested mitigation steps
Coordinated Remediation and Consultation Guidance and coordinated action to remediate issues Coordinate with customer and guide to remediate issues on identifying security threats identified during alert validation or security monitoring or forensic analysis. E.g. isolate infected hosts to contain risk
Forensic Analysis Includes finding root cause of threats or attacks Find root-cause using manual and automated methods with help of log data / meta data, analysis tools, monitoring, expert skills and sandboxing
Threat Modelling and Security Maturity Model Consulting Includes standards driven Threat Modeling & Security Architecture Design Review Keeping in mind business goals, important data, access and entry points, conduct risk assessment, vulnerability analysis, analyse data and provide guidance and consultation to be aware of security risks, incident response play books, and improve maturity with time..
Support & Reports Provide customer support and regular reports
  • 24*7 support over phone and email
  • Report issues to customer with general mitigation steps for remediation (G’Shield)
  • Help customer remediate security risks (G’Recon)
  • Regular status reports and incident triggered reports


G'SECURE LABS Offers a comprehensive suite of solutions for BFSI, Enterprises, Online Portals and SME’S

The Netherlands
Maria Montessorilaan 3,
2719 DB Zoetermeer,
The Netherlands
Tel: +31 (0) 79 3200 980

North America
2651, Pearland Parkway,
Suite 102, Pearland,
Texas 77581
Tel: +1 (518) 320 7711

B/81, Corporate House,
Ahmedabad - 380054
Tel: +91 79 2685 2554