Story image

Secureworks opens up proprietary UEBA through partner programme

05 Sep 2018

Cybersecurity company Secureworks announced that it will partner with other security solution providers to apply its Red Cloak behavioural analytics in their customers’ environments.

Secureworks’ decision to decouple its proprietary analytics offering from its endpoint agent will make the company’s high-fidelity detection and threat hunting capabilities available more broadly in the marketplace, while also giving clients the freedom to choose endpoint security products that best meet their needs.

Secureworks threat hunters and incident responders developed Red Cloak in 2010 when they were unable to find adequate tradecraft for analysing threat actor behaviour and intent.

The company has since deployed Red Cloak in response and hunting engagements around the globe and also applies the analytics as part of the company’s managed detection and response offerings.

With the launch of its Red Cloak Partner Program, Secureworks will engage in a more transparent exchange of raw data with participating vendors.

This collaboration will generate the necessary level of telemetry that Secureworks analysts require to apply Red Cloak behavioural analytics effectively and generate positive outcomes for the client.

When a partner’s solution is coupled with Secureworks telemetry and intelligence, clients can expect:

  • a comprehensive view of threat actor activity in their environment,
  • better context for validating and remediating threats,
  • new countermeasures as vendors share a broader range of threat detection and response data and
  • the option to conduct threat hunting searches

 “We are launching this program to foster more cooperation and transparency in the security market and help clients detect advanced threats,” says Secureworks president and CEO Michael Cote.

“The Red Cloak Partner programme enables Secureworks to apply its intelligence and threat hunting capabilities to the client’s choice of security tools.”

 “In the majority of incident response engagements, we discover that the organisation lacks enough visibility to accurately identify malicious activity,” says Secureworks chief threat intelligence officer Barry Hensley.

“Secureworks’ analytics engine leverages our understanding of threat behaviour to detect adversaries who are using complex techniques to elude an organisation’s security controls.

“When Red Cloak is deployed, clients can rapidly focus resources on the right priorities versus getting lost in a maze of forensics activity.”

Secureworks invests heavily in developing counter threat intelligence and platforms that provide earlier warning of hidden intruders.

Aerohive launches guide to cloud-managed network access control
NAC for Dummies teaches the key aspects of network access control within enterprise IT networks and how you can secure all devices on the network.
Sungard AS named DRaaS leader by Forrester
It was noted for its disaster-recovery-as-a-service solution’s ability to “serve client needs at all stages of their need for business continuity.”
Gartner: The five priorities of privacy executives
The priorities highlight the need for strategic approaches to engage with shifting regulatory, technology, customer and third-party risk trends.
Thycotic debunks top Privileged Access Management myths
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets.
Veeam reports double-digit Q1 growth
We are now focussed on an aggressive strategy to help businesses transition to cloud with Backup and Cloud Data Management solutions.
Paving the road to self-sovereign identity using blockchain
Internet users are often required to input personal information and highly-valuable data from contact numbers to email addresses to make use of the various platforms and services available online.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.