Dell SecureWorks, Inc. provides information security services to help organizations worldwide to protect their IT assets, comply with regulations, and reduce security costs. It offers managed security services, such as network security, endpoint security, vulnerability management, and security monitoring services. The company also provides consulting services, such as security awareness training solutions, specialized services, technical testing, security design and architecture, security residency, and security and governance program development services. In addition, it offers services for compliance mandates, such as payment card industry compliance; EI3PA compliance; Gramm-Leach-Bliley A...
1 Concourse Parkway NE
Atlanta, GA 30328
Founded in 1998
Dell SecureWorks New AETD Red Cloak Solution Slashes Time to Detect, Respond to Endpoint Security Threats from Months or Weeks to Hours or Minutes
Mar 3 16
The Dell SecureWorks Incident Response team deployed AETD Red Cloak in a client’s environment and within 48 hours was able to discover that threat actors had compromised the environment 14 months earlier. With AETD Red Cloak's emphasis on sweeping for forensic evidence of malicious behavior, organizations can identify attacks whether malware is involved or not and quickly pinpoint the affected devices to reduce the cost and time it takes to respond. With AETD Red Cloak, Dell SecureWorks is bringing to market a fully-hosted endpoint security solution powered by up-to-the-minute threat intelligence provided by experts from the Counter Threat Unit™ (CTU) research team, as well as global visibility that comes from protecting more than 4,100 clients in 61 countries. Red Cloak was initially developed to support the company's Targeted Threat Hunting and Response professional services teams. The Red Cloak solution is especially critical for catching attacks that don't use malware. Once inside a network, attackers are continuing to evade traditional endpoint security controls, often by leveraging compromised credentials and tools native to the target's environment, such as remote access services, endpoint management platforms and other legitimate system tools. This tactic is called "living off the land," and was used to gain entry in more than half of the cyber-espionage incidents Dell SecureWorks responded to last year. To give organizations the earliest possible warning of compromise, AETD Red Cloak's sensors search for forensic evidence of malicious activity while continuously collecting information about what is happening on the device, such as what programs are running, what commands are being executed, network connections, thread injection, memory inspection and more.
The sensors send the collected data to the Counter Threat Platform, hosted off-premises, where it is analyzed using intelligence from Dell SecureWorks CTU researchers to spot attacker behavioral patterns and threat indicators. The solution blends multiple views of system activity to see beyond static indicators such as IP addresses and domain names and uncovers the behaviors and techniques of cyber adversaries. AETD Red Cloak has been deployed on more than 3,500,000 endpoint devices, including desktops, servers, and laptops. Because AETD Red Cloak is a SaaS solution, it easily scales to meet the needs of a growing organization. Currently, AETD Red Cloak supports endpoints running the Windows operating system. Support for other operating systems is planned for the near future. The Security Analysis Team Cyber Threat Analysis Center will provide an electronic notification within 15 minutes of the determination that activity constitutes a security incident. Targeted or high-impact incidents are forwarded on to the Senior Intrusion Analyst Team, with a response guaranteed within 24 hours of the determination. AETD Red Cloak builds upon Dell SecureWorks' endpoint security portfolio, which already features the endpoint monitoring capabilities of the AETD Carbon Black service. AETD Carbon Black provides strong malware detection capabilities and focuses on file execution, the system registry and network connections. It also includes an onsite management console. AETD Red Cloak is currently available in the North America, Latin America, EMEA and ANZ regions. Language support is only in English at this time.
Dell SecureWorks Launches Emergency Cyber Incident Response for Clients Deploying on Amazon Web Services
Oct 6 15
Dell SecureWorks announced a new on-demand Emergency Cyber Incident Response (ECIR) capability for clients deploying assets on Amazon Web Services (AWS). The new offering from Dell SecureWorks is in response to the growing enterprise adoption of production workloads on AWS and the customer demand for on-demand incident response solutions that are optimized for the dynamic and agile operating environment of the cloud.