Detect more. Respond faster. Reduce risk. | Secureworks, Inc.

Purpose Driven Approach

Secureworks has remained a trusted partner in cybersecurity for more than 22 years.  To understand each organization’s unique cybersecurity challenges, it requires an optimal combination of technology, people, and processes – a formula that looks slightly different for every organization. Secureworks delivers this to customers through a mixture of purpose-driven services and data-driven insights that empower organizations to protect themselves more efficiently and effectively.

• From a technological perspective, organizations require tools to block threats and enable their SecOps teams to quickly discover and address threats based on indicators across endpoints, networks, and the cloud. Since few organizations have the means to patch every known vulnerability across their entire environment instantly, SecOps teams need technology that empowers them to prioritize their threat remediation based on actual risk to the business. Secureworks delivers these technologies with a portfolio of SaaS solutions built on the cloud-native enterprise security platform, Taegis™.

• From a people perspective, organizations must optimize their risk mitigation within the constraints of their limited SecOps staffing budgets and the limited skills and experience available in the current undersupplied talent pool. Because Secureworks has operated one of the world’s leading security operations centers (SOC) for over two decades, they have an exceptional understanding of how SecOps teams operate in the trenches—and how to enhance their personal and collective productivity. Their solutions are specially designed to address the real-world issues of SecOps staff, from alert fatigue to collaborative threat hunting. Secureworks devotes significant resources to education, training, and the overall transfer of security knowledge and expertise.

• From a process perspective, organizations must ensure that appropriate steps are taken  in the correct order necessary for full mitigation — even when the heat is on during an active attack. Secureworks provides the industry’s most complete best-practices guidance, from how SecOps teams name their investigations to how they can best engage with law enforcement, customers, the legal department, and other stakeholders in the event of an incident. This guidance includes “tabletop” exercises, postmortem reporting, and other support that can inform processes to help clients achieve their critical business resilience goals.

The Experts

The knowledge, skill, experience, and passion of Secureworks’ threat intelligence researchers and SecOps consultants is second to none. This includes the world renowned Counter Threat Unit™ (CTU) team, a group that proactively researches and tracks more than 180 active threat groups. The CTU™ continuously analyzes and validates “in the wild” threat data, using the intel gleaned from its operations to help enhance solutions like Taegis, thus helping customers outmaneuver cyberattacks from ever-evolving threat actors worldwide.

Many factors make Secureworks and its Taegiscloud-native security platform unique.

Firstly, it provides holistic security technology to organizations. While many Secureworks competitors come from narrower perspectives like Endpoint Detection and Response, Network Detection, or Security Incident and Event Management, Secureworks designed Taegis as a purpose-built security solution from conceptualization to actualization, resulting in a comprehensive solution that provides a unified picture across endpoint, cloud, identity management, and other aspects of your network. In other words, Taegis was built from the ground up, with the purpose of covering multiple realms of the security landscape.

Secondly, Taegis leverages more than 20 years of real-world threat intelligence and research in the fight to defend customers from advanced threats. That means that real-world, firsthand events and human threat intelligence feed into and inform Secureworks’ security platform. Secureworks believes that human threat actors require human threat intelligence as well as the machine learning, artificial intelligence, and automation that is driving the industry. The quality and depth of intelligence that feeds into the Taegis platform’s data lake produces consistent, reliable, early, and effective threat mitigation outcomes for their customers.

Finally, deep security expertise is a core offering that is included with Taegis. Taegis provides more than just automated security or machine learning – Taegis is equipped with hard-earned insight and wisdom direct from the multiple teams that comprise Secureworks CTU. This expertise is designed to meet customers wherever they are in their security evolution. Across needs ranging from vulnerability detection and management, to penetration testing and incident response, Secureworks builds in the kind of responsive support and expertise that adds value and provides customers a strong return on their investment.

Taking Clients towards Productivity

In the summer of 2020, The Paper Store was experiencing a period of booming growth of its e-commerce presence. With more than 3,000 employees, the company had expanded its array of gift offerings to meet the changing shopping habits of its customers while anticipating even more growth in its business operations. Alex Fuchs, Director of IT for The Paper Store, secured an incident response retainer from Secureworks to ensure their security posture was adequate. While performing threat hunting, Secureworks discovered unauthorized activity in one of the company’s data centers. That set off a chain of events that resulted in discovering a compromised third-party account on a development server.

Secureworks investigated, isolated, and patched the server. Once the initial response was completed, Secureworks analyzed the rest of The Paper Store’s IT environment to ensure no other assets were compromised. For Fuchs, this incident underscored the importance of doing more to secure the corporate environment, especially at a time of rapid expansion of The Paper Store’s online presence. Fuchs asked a simple question when he sought approval to purchase, “Is there a reason why we don’t have this level of protection all the time?”

ManagedXDR is Securework’s 24×7 managed detection and response service. Building a security staff to take on around-the-clock monitoring and response actions was not in line with The Paper Store logistical capabilities or budget.

“We needed to have 24×7 coverage,” Fuchs said. “Hiring that type of headcount was not in our budget.”

 Fuchs needed a partner he could rely on, one that would act in a professional, consultative, and decisive manner. Secureworks demonstrated just that during the incident response.

“Our previous experience with Secureworks made it easier to justify Secureworks ManagedXDR,” Fuchs said.

Today, The Paper Store sees multiple benefits from deploying ManagedXDR, including increased visibility across its IT ecosystem. One moment validating this point comes to mind for Fuchs, who described how an employee working from home had a family member who experienced a breach of a personal device. The Paper Store’s IT staff quickly looked at the employee’s corporate device to see if the breach had impacted it, found a couple of phishing emails, blocked Office 365, and changed the employee’s corporate passwords.

“The log data was in Taegis; we could see it,” Fuchs explained. “It’s a unified security picture. What may have taken 2 to 3 hours, we were able to do in 15 or20 seconds.”

Having that type of visibility around the clock is critical for The Paper Store. “Logging to Taegisevery endpoint, every server, every end user in our environment, we have complete visibility,” said Fuchs, who underscores the importance of having a solution that can scale as the organization grows. ” “If you’re growing, you need a SOC that’s going to grow with you.”

Resolving Security Operational Challenges

Secureworks TaegisXDR is a comprehensive, automated, and intuitive solution purpose-built for organizations’ unique security challenges. It offers broad and deep threat detection and response powered by machine learning, threat intelligence, and powerful security analytics, plus the expertise gained from 22 years of dedicated threat research.

Secureworks continues to show its commitment to accelerating security maturity and resilience for its customers by constantly adding more prevention and detection capabilities to Taegis. One recent example is the company’s patent-pending Hands-on-Keyboard Detector. Recently added to Taegis, the Hands-on-Keyboard Detector uncovers “hands-on” cybercriminal activity by using automation, machine learning, and comprehensive threat intelligence to detect live keyboard inputs from malicious actors rather than scripts.

Secureworks has invested decades of experience and much of its focus in the purpose-built Taegis platform and continues to improve its true XDR solution. As awards and accolades arrive for the Taegis offering, the company shows no signs of slowing down in its quest to defend companies from cyber adversaries far and wide.