
What Should You Expect with Incident Response Times?

Response times typically range between seven and ten minutes for on-premises environments. Attacker dwell time is usually 25 minutes or less before more destructive actions occur, so aiming for a response time of eight to ten minutes is crucial, which is the standard for most Managed Detection and Response (MDR) services.

Cloud response times can extend to 12 to 15 minutes due to additional validation layers. Initial checks may not include geolocation and IP addresses but will consider user agent strings and the user's identity. If the compromised user has administrative privileges, the response can be expedited.

It is vital to distinguish between cloud-based and on-premises response times and ensure they are under ten minutes to counteract threat actors effectively. In environments lacking basic security measures like Antivirus (AV) or Endpoint Detection and Response (EDR), response times may be shorter for both attackers and defenders.

See What Mackenzie Brown, VP of Security, Has to Say

Watch a 3-minute video discussing the average response time of MDR and why it matters.