Managed Detection
and Response (MDR) Service

Monitor your IT environment around the clock and detect threats before they become incidents. Our managed detection and response (MDR) service is built on the recognized Field Effect platform, with 24/7 monitoring by a security operations centre, available to your organization through Commissionnaires du Québec’s distribution partnership. A technology usually reserved for large enterprises, now within reach of SMBs, municipalities and other organizations.

LEARN MORE

A simple, jargon-free definition

Managed detection and response (MDR) is a fully managed cybersecurity service that combines a continuous-monitoring technology platform (endpoints, network, cloud applications, dark web) with a team of human analysts operating 24/7.

The M in MDR, managed, is precisely what sets it apart from a standalone EDR. With an EDR, your organization receives raw alerts and must analyze them itself. With an MDR service, sometimes called a managed SOC, human monitoring, false-positive triage and proactive threat hunting are handled for you.

What is managed detection
and response (MDR)?

Make a Request

The service allows you to:

Make a Request

Monitor continuously

Endpoints, network perimeter, cloud identities, dark web.

Detect quickly

Multi-source correlation and threat hunting by SOC analysts.

Triage alerts

False positives eliminated, prioritized alerts with clear remediation guidance.

Respond automatically

Automated action on active threats based on the policies set at scoping.

Why does your organization need
an MDR service?

Three converging realities make continuous monitoring essential for SMBs, municipalities and nonprofits: an attack surface expanding faster than internal teams can keep up, tightening regulatory and contractual requirements, and an in-house SOC that remains out of budget reach for the vast majority of organizations.

1. An attack surface that exceeds internal capacity

Between remote work, multiple cloud platforms, SaaS applications and mobile devices, the surface to monitor goes beyond what a generalist IT team can cover 24 hours a day.

Without dedicated cybersecurity monitoring, the first signs of an attack go unnoticed until ransomware detonates or a third party reports a leak.

2. Building an in-house SOC is out of reach

Recruiting, training and retaining a team of analysts able to sustain a continuous 24/7 rotation represents a seven-figure annual investment. Out of reach for an SMB.

MDR delivers this level of protection at a shared cost.

3. Regulatory requirements are tightening

For organizations subject to PIPEDA, PCI-DSS or NIST requirements, early detection is becoming an operational prerequisite.

Vendor contracts increasingly include clauses on continuous monitoring, detection capabilities and incident notification timelines. Without MDR, these requirements are hard to honour.

A technology usually reserved for large enterprises, integrated into a complete cyber ecosystem

Field Effect does not sell its platform directly. Access to an MDR service of this calibre, generally reserved for organizations able to negotiate a direct contract with the vendor, is only available through a network of authorized distribution partners.

Commissionnaires du Québec is one of those partners. Our role: democratize this technology for the SMBs, municipalities and nonprofit organizations normally excluded by their size, and pair it with a complete ecosystem of cybersecurity services operated directly by our analysts.

Our offer: democratizing a world-class MDR platform

Make a Request

What the Field Effect platform
does for you

The platform monitors your environment continuously and neutralizes threats according to the policies set at scoping:

  • Unified monitoring of Windows, Mac and Linux endpoints, the network perimeter and cloud services (Microsoft 365, Google Workspace, and more than ten critical SaaS platforms).
  • Real-time detection by an analysis engine combining machine learning with expert rules calibrated to the latest attack tactics.
  • Automatic blocking of ransomware and malware at the endpoint, before execution.
  • Continuous dark web monitoring: more than 1,000 sources watched to detect credentials or sensitive data linked to your domains being offered for sale.
  • Proactive threat hunting by Field Effect SOC analysts 24/7.
  • Prioritized alerts (AROs) with clear remediation guidance, free of noise and false positives.

What Commissionnaires du Québec
builds around the platform

Beyond access to the platform, our value lies in the combined effect of MDR with the other cybersecurity services we operate directly. That is where a coherent cyber program is built, not in a juxtaposition of separate tools.

1. Democratizing access

Without a distribution partner, the Field Effect platform remains out of reach for organizations that lack the volume to negotiate directly with the vendor.

Our role as an authorized partner for Quebec and Canada puts this technology within reach at your scale.

2. Upstream scoping with our posture assessment

Before deploying continuous monitoring, you need to know what you are monitoring.

Our security posture assessment maps your gaps, critical assets and blind spots. MDR then becomes targeted, not generic.

3. Response when a serious incident strikes

MDR detects and alerts, but it does not run the forensic investigation or crisis communications.

Our incident response service and our forensic analysis team take over when a serious incident occurs.

4. Reducing human exposure

Most compromises begin with a user error.

Our training and awareness programs complement the technical layer of MDR with a human one, and the two reinforce each other.

What the service actually covers

Four complementary monitoring layers make up the standard scope. The exact scope is set with you at scoping, based on your environment and priorities.

1. Endpoint coverage

A lightweight agent installed on Windows, Mac and Linux endpoints. Real-time detection, automatic blocking of malware and ransomware, software vulnerability management, remote isolation. Integrates with Microsoft Defender for Endpoint in environments that already use it. Endpoint protection (endpoint detection and response, EDR) remains the first line of defence against most modern attacks.

2. Network coverage

A passive sensor behind your firewall inspects north-south traffic without decrypting it. Detection of command-and-control (C2) communications, abnormal data transfers, shadow IT and connections to malicious destinations. Encrypted metadata is retained for 90 days for investigation when in doubt.

3. Cloud coverage

Monitoring of identities and activity across Microsoft 365, Google Workspace, AWS, Salesforce, Box, Dropbox, ServiceNow, Duo, Zendesk and Okta. Detection of credential compromise, suspicious inbox rules, abnormal exfiltration and access-right changes.

4. Dark web monitoring

Continuous watch over more than 1,000 sources (forums, black markets, Telegram channels) to detect credentials, financial data or sensitive information linked to your domains being sold or published. A contextualized alert for every new or historical detection.

5. Additional components

Depending on the plan selected, your service can include additional components such as a roaming secure DNS that blocks access to malicious destinations even outside the corporate network, an on-demand suspicious email analysis service for your users, and periodic trend and coverage reports.

Artificial intelligence,
now under watch (AIDR)

AI adoption is moving faster than AI governance. According to Field Effect’s 2026 data, 93% of organizations use AI tools, knowingly or not, and 26% run six or more. Prompts, file uploads, integrations: every ungoverned use exposes sensitive data and creates compliance risks that traditional tools were not designed to cover.

AI detection and response (AIDR) extends the Field Effect platform’s monitoring to this new attack surface. No additional agent, no separate console: the capability is built natively into the platform and available depending on the plan selected.

1. Visibility into AI usage

A real-time inventory of the AI tools active in your environment: who uses them and what they connect to.

Shadow AI operating outside any internal policy finally becomes visible.

2. Usage control

You decide which AI tools are sanctioned and which are blocked.

Your teams gain productivity without blindly accepting new data-leak or compliance risks.

3. Visibility into AI impact

Beyond the inventory, the platform analyzes what AI tools actually do in your environment.

Abnormal behaviour, drift and malicious uses, such as AI-assisted phishing, are flagged.

4. Impact control

Zero-trust principles applied to AI activity.

What tools can access, do and influence in your environment stays governed by your policies.

Four steps structure the rollout and operation of the service:

  1. Initial scoping: A discovery workshop with your leadership to map your environment, regulatory constraints and priorities. Together we select the plan and the monitoring scope.
  2. Deployment and onboarding: Our analysts install the endpoint agent and the network sensor and connect your cloud services. Automated response policies are configured around your operational constraints.
  3. 24/7 continuous monitoring: The Field Effect SOC watches your perimeter around the clock. Raw alerts are triaged by the platform and by analysts. You receive only prioritized AROs, with clear instructions. Automatic blocking and isolation actions are triggered according to your policies.
  4. Follow-up and escalation when needed: Periodic check-ins with your Commissionnaires du Québec contact to review trends and adjust policies. If a serious incident occurs, you can escalate to our incident response service for forensic investigation and crisis communications, a separate and optional service.

Our process, from scoping
to steady state

Contact Us Now

make a request

Trust Commissionnaires du Québec and Field Effect for your 24/7 monitoring. Contact us to discuss your MDR project.

    Scroll to Top