Story image

Secureworks opens up proprietary UEBA through partner programme

05 Sep 18

Cybersecurity company Secureworks announced that it will partner with other security solution providers to apply its Red Cloak behavioural analytics in their customers’ environments.

Secureworks’ decision to decouple its proprietary analytics offering from its endpoint agent will make the company’s high-fidelity detection and threat hunting capabilities available more broadly in the marketplace, while also giving clients the freedom to choose endpoint security products that best meet their needs.

Secureworks threat hunters and incident responders developed Red Cloak in 2010 when they were unable to find adequate tradecraft for analysing threat actor behaviour and intent.

The company has since deployed Red Cloak in response and hunting engagements around the globe and also applies the analytics as part of the company’s managed detection and response offerings.

With the launch of its Red Cloak Partner Program, Secureworks will engage in a more transparent exchange of raw data with participating vendors.

This collaboration will generate the necessary level of telemetry that Secureworks analysts require to apply Red Cloak behavioural analytics effectively and generate positive outcomes for the client.

When a partner’s solution is coupled with Secureworks telemetry and intelligence, clients can expect:

  • a comprehensive view of threat actor activity in their environment,
  • better context for validating and remediating threats,
  • new countermeasures as vendors share a broader range of threat detection and response data and
  • the option to conduct threat hunting searches

 “We are launching this program to foster more cooperation and transparency in the security market and help clients detect advanced threats,” says Secureworks president and CEO Michael Cote.

“The Red Cloak Partner programme enables Secureworks to apply its intelligence and threat hunting capabilities to the client’s choice of security tools.”

 “In the majority of incident response engagements, we discover that the organisation lacks enough visibility to accurately identify malicious activity,” says Secureworks chief threat intelligence officer Barry Hensley.

“Secureworks’ analytics engine leverages our understanding of threat behaviour to detect adversaries who are using complex techniques to elude an organisation’s security controls.

“When Red Cloak is deployed, clients can rapidly focus resources on the right priorities versus getting lost in a maze of forensics activity.”

Secureworks invests heavily in developing counter threat intelligence and platforms that provide earlier warning of hidden intruders.

Comms providers hit by most DDoS attacks in Q3 2018
New data indicates attackers preyed on the large attack surface of ASN-level communications service providers with a ‘bit-and-piece’ approach.
Check Point launches hyperscale network security solution
With Check Point Maestro, organisations can scale up their existing Check Point security gateways on demand.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.
Frost & Sullivan honours Honeywell's IIoT value creation
Frost & Sullivan has awarded Honeywell with the 2018 Global Customer Value Leadership Award for its work protecting industrial internet of things (IIoT) customers.
Top cybersecurity threats of 2019 – Carbon Black
Carbon Black chief cybersecurity officer Tom Kellermann combines his thoughts with those of Carbon Black's threat analysts and security strategists.
Google's €50m fine a wake up call for big data analytics
Data analytics are essential to company growth, competitive differentiation, and innovation. But there’s now a huge challenge.
UK security startup Barac sets sights on America
“Malware hidden in encrypted traffic is one of the biggest threats organisations are facing today,” says new EVP global sales.