What is mean time to detection?
Mean Time to Detection (MTTD) is a key security metric that measures the average time it takes for an organisation to identify a security threat or breach after it occurs. A shorter MTTD indicates that an organisation has strong monitoring and detection capabilities, which can significantly reduce the impact of an attack by enabling faster response. Conversely, a longer MTTD increases the risk of attackers gaining a foothold, escalating privileges, or exfiltrating sensitive data unnoticed. Reducing MTTD is a critical component of any robust cybersecurity strategy.
View an example report
Click below to view a report that you could expect to receive from a single engagement with us. We focus on providing actionable and clearly prioritised recommendations for your team to patch vulnerabilities and strengthen your security.
Mean Time to Detection (MTTD) is a key security metric that measures the average time it takes for an organisation to identify a security threat or breach after it occurs. A shorter MTTD indicates that an organisation has strong monitoring and detection capabilities, which can significantly reduce the impact of an attack by enabling faster response. Conversely, a longer MTTD increases the risk of attackers gaining a foothold, escalating privileges, or exfiltrating sensitive data unnoticed. Reducing MTTD is a critical component of any robust cybersecurity strategy.
Yes, social engineering can be a key component of a CounterSOC engagement. Whether it’s phishing simulations, phone-based attacks, or physical security assessments, we use social engineering techniques to assess how well your organisation can identify and respond to these common attack methods. However, this isn’t just about finding weaknesses—we also work with your team to improve their awareness, response procedures, and resilience to social engineering threats over the course of the engagement.
Not exactly. While CounterSOC shares some similarities with red teaming, such as simulating adversarial behaviour and testing defences, it is a broader and more collaborative service. CounterSOC focuses on addressing the most critical risks first and works to dramatically improve your organisation's security posture over the course of a year. Unlike traditional red teaming or penetration testing, CounterSOC prioritises collaboration with your internal teams, providing workshops, debriefs, and hands-on guidance to ensure you fully understand the threats and can implement effective mitigations. It’s not just about identifying issues—it’s about partnering with you to fix them and continuously strengthen your defences.
Unfortunately, we can’t turn your staff into super hackers in the course of a year, but we do share our tools, tactics, and techniques. We work closely with your team, showing them how to deploy these effectively and make meaningful progress on your organisation’s security posture. By collaborating throughout the engagement, we ensure your staff gains practical skills and knowledge that can drive long-term improvements in your defences.
CounterSOC is a continuous service, typically delivered as a rolling 12-month engagement. This long-term approach ensures your organisation benefits from ongoing attack simulations, real-time threat monitoring, and collaborative support, allowing you to adapt to evolving threats over time. However, we can adjust the duration to meet your specific needs and security objectives.
Other FAQs
We’re working on a large library of terms and frequently asked questions.
You can view all of them by clicking below - or feel free to reach out to us about anything else.
