sb-as logo
Story image

SecureWorks speeds up threat detection through analytics

30 Apr 2019

SecureWorks has embraced software-as-a-service (SaaS) to protect customers and transform the detect-investigate-respond process towards cyber threats.

This week SecureWorks released Red Cloak Threat Detection and Response (Red Cloak TDR), a security analytics platform built with more than 20 years of threat intelligence from customer endpoints, network, and cloud deployments.

Red Cloak TDR is the first in a suite of Red Cloak SaaS solutions to improve customers’ security operations, and ultimately to help customers become more self-sufficient to defend against current and emerging threats.

"Today's well-armed and coordinated adversaries operate in a collaborative and sophisticated manner, yet the industry continues to rely on disparate tools and siloed, manual investigations," comments SecureWorks SVP of business and product strategy, Wendy Thomas.

Those environments can often leave gaps where threats can remain undetected for days, weeks, months, or even years.

Red Cloak TDR integrates Secureworks' threat intelligence which is compiled from billions of events across thousands of security environments and continuously updated to include new and emerging threats. 

Additionally, Red Cloak TDR integrates data from a variety of third-party sources to give organisations the best possible understanding of their threat landscape.

Additionally, Secureworks' cloud-native application speeds investigations with intuitive workflows and automation, as well as a chat feature that gives users direct access to Secureworks' team of experienced cybersecurity experts. 

"Red Cloak Threat Detection and Response automates the investigation of high fidelity alerts and integrates decades of experience, knowledge and threat intelligence so enterprises can rapidly take the right action and reduce business risk,” says Thomas.

Features at a glance:

  • Red Cloak TDR analyses activity from endpoint, network and cloud while reducing the number of false positives security professionals face. It detects advanced threats by correlating information from a variety of sources and threat intelligence feeds, integrating Secureworks' knowledge of threat actor behaviours, and applying machine learning to provide much-needed context about the threat. Red Cloak TDR builds trust in security alerts and frees security teams to focus on threats that matter.
  • Designed around Secureworks' defense in concert methodology, Red Cloak TDR unifies security environments and analyses all relevant signals in one place. Users gain additional context so they can quickly and accurately judge the implications of each event.
  • By working on investigations together, teams can quickly reach conclusions with confidence. The built-in chat feature can be used right from the user interface during an investigation to get expert help based upon years of experience hunting, analysing and defending against threats.
  • The application allows for a quick, accurate, software-driven response that gives users the ability to automate the right action.
  • Because Red Cloak TDR is a cloud-based SaaS application, companies won't have the burden of installing on-premises hardware or maintaining software version upgrades. Updates, backups and tuning are covered.
  • Red Cloak TDR does not charge by data consumption, so subscribers are free to process the security-relevant data they need to keep their organisation safe.
  • Onboarding is quick and easy because the application is designed to easily integrate into an organisation's current control framework.
Story image
One in five employees download commercially sensitive files onto personal devices
Of these respondents, 40% admitted that the devices either had no password protection or no up-to-date security installed.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More
Story image
Video: 10 Minute IT Jams – A glimpse inside a ransomware cell
This is our second IT Jam with SonicWall senior manager of product marketing Brook Chelmo, and in this video Brook walks us through his one-on-one experience with a member of a ransomware cell. More
Story image
Surfshark rolls out WireGuard open source VPN protocol
When there is less code in a VPN, it is less susceptible to security vulnerabilities due to easier configuration and management, according to Surfshark.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
Palo Alto Networks extends cloud native security platform with new modules
Palo Alto Networks has announced the availability of Prisma Cloud 2.0, including four new cloud security modules, thus extending its Cloud Native Security Platform (CNSP). More