Secureworks® cloud-native Red Cloak™ Threat Detection & Response uses Microsoft Defender Advanced Threat Protection to improve detection of advanced attacks across endpoints, networks, cloud and business systems.
By: Chris Bell
At Secureworks, we believe that security analytics software is transforming cybersecurity operations into more proactive and efficient agents of risk management for their organizations. And it’s our philosophy that everyone deserves to benefit from those advancements. This week, we announced how the new applied intelligence between Secureworks and Microsoft will give customers a taste of that transformative value: the ability to detect and respond to threats at the endpoint that may look and behave like normal user activity, or evade detection altogether.
For organizations to truly capitalize on the value of security analytics, however, it’s important to understand the bigger picture of software-driven security and how it can protect them across their entire ecosystem – endpoint, cloud, networks and business systems. Properly implemented, security-driven software like Red Cloak TDR can enable a business to continuously accelerate and scale security operations to keep pace with a rapidly changing and borderless digital environment.
As a result of this integration, Red Cloak TDR will ingest telemetry from the Microsoft Defender ATP platform. This extra source of data further strengthens and trains the machine learning algorithms which power Red Cloak TDR’s analytics engine. Microsoft ATP customers get increased visibility from our threat intelligence and our ability to rapidly operationalize the insights we gain by monitoring thousands of customers daily. The goal is to help joint customers detect cyber threats fast, so they can stop them before damage is done. This integration is the direct result of customer feedback, which is core to the development process of Red Cloak TDR. (If you want to check out Red Cloak TDR and take it for a test drive, we’d love to hear from you.)
Our team is building and optimizing new detectors to pick up on behavioral threat indicators. The TDR application uses those detectors to catch the threats most tools miss. The additional telemetry from Microsoft ATP enriches this process with valuable extra data that allows us to identify anomalies for customers.
I’m particularly excited about how the combination of our threat intelligence with Microsoft’s will act as a multiplier that fuels more precise detection. It’s a great example of how collaboration in the industry strengthens security for everybody. Our adversaries will have a tougher time breaking through against a united industry – that’s one of the reasons Red Cloak TDR and our forthcoming applications place a high value on enabling cooperation across teams, organizations and the industry.
Security analytics software is transforming security and every organization deserves to benefit. In August this year, we launched Managed Detection and Response powered by Red Cloak for companies that don’t have the resources to use the TDR application in-house. MDR powered by Red Cloak delivers the benefits of TDR, managed by our own experts, while you and your team get full access to the application should you want to use it.
With threat actors collaborating and evolving quickly, it’s time the industry caught up. Our work with Microsoft is a part of our commitment to using security analytics software to foster collaboration and fortify the industry. Only by working together can we defeat the adversaries we face.