SecureWorks speeds up threat detection through analytics

30 Apr 2019

SecureWorks has embraced software-as-a-service (SaaS) to protect customers and transform the detect-investigate-respond process for cyber threats.

This week SecureWorks released Red Cloak Threat Detection and Response (Red Cloak TDR), a security analytics platform built with more than 20 years of threat intelligence from customer endpoints, network, and cloud deployments.

Red Cloak TDR is the first in a suite of Red Cloak SaaS solutions to improve customers’ security operations, and ultimately to help customers become more self-sufficient to defend against current and emerging threats.

"Today's well-armed and coordinated adversaries operate in a collaborative and sophisticated manner, yet the industry continues to rely on disparate tools and siloed, manual investigations," comments SecureWorks SVP of business and product strategy, Wendy Thomas.

Those environments can often leave gaps where threats can remain undetected for days, weeks, months, or even years.

Red Cloak TDR integrates Secureworks' threat intelligence, which is compiled from billions of events across thousands of security environments and continuously updated to include new and emerging threats.

Additionally, Red Cloak TDR integrates data from a variety of third-party sources to give organisations the best possible understanding of their threat landscape.

Secureworks' cloud-native application also speeds investigations with intuitive workflows and automation, as well as a chat feature that gives users direct access to Secureworks' team of experienced cybersecurity experts.

"Red Cloak Threat Detection and Response automates the investigation of high fidelity alerts and integrates decades of experience, knowledge and threat intelligence so enterprises can rapidly take the right action and reduce business risk," says Thomas.

Features at a glance:

  • Red Cloak TDR analyses activity from endpoint, network and cloud while reducing the number of false positives security professionals face. It detects advanced threats by correlating information from a variety of sources and threat intelligence feeds, integrating Secureworks' knowledge of threat actor behaviours, and applying machine learning to provide much-needed context about the threat. Red Cloak TDR builds trust in security alerts and frees security teams to focus on threats that matter.
  • Designed around Secureworks' defense in concert methodology, Red Cloak TDR unifies security environments and analyses all relevant signals in one place. Users gain additional context so they can quickly and accurately judge the implications of each event.
  • By working on investigations together, teams can quickly reach conclusions with confidence. The built-in chat feature can be used right from the user interface during an investigation to get expert help based upon years of experience hunting, analysing and defending against threats.
  • The application allows for a quick, accurate, software-driven response that gives users the ability to automate the right action.
  • Because Red Cloak TDR is a cloud-based SaaS application, companies won't have the burden of installing on-premises hardware or maintaining software version upgrades. Updates, backups and tuning are covered.
  • Red Cloak TDR does not charge by data consumption, so subscribers are free to process the security-relevant data they need to keep their organisation safe.
  • Onboarding is quick and easy because the application is designed to integrate into an organisation's current control framework.