Secureworks Launches New Cybersecurity Analytics Application to Accelerate Threat Detection and Response
Secureworks, a leading cybersecurity company that keeps organizations safe in the digitally connected world, today announced the launch of a software-as-a-service (SaaS) application that will transform the way companies detect, investigate and respond to cyber threats.
Red Cloak™ Threat Detection and Response (TDR) is a security analytics application that continuously applies more than 20 years of threat intelligence and advanced analytics to customer endpoints, network and cloud deployments. With deep learning and machine learning at its core, Red Cloak TDR is designed to help customers detect advanced threats and reduce their volume of alerts and false positives so they can identify and respond to critical threats faster. Secureworks' cloud-native application speeds investigations with intuitive workflows and automation, as well as a chat feature that gives users direct access to Secureworks' team of experienced cybersecurity experts. Subscribers will also immediately benefit from the Secureworks network effect: When Secureworks' Counter Threat Unit™ identifies a new threat in one of its 4200+ customer environments, a countermeasure will be made available in the Red Cloak TDR application.
Security environments are often a collection of disconnected layers of security products that leave gaps where threats can dwell undetected for hundreds of days¹. "Today's well-armed and coordinated adversaries operate in a collaborative and sophisticated manner, yet the industry continues to rely on disparate tools and siloed, manual investigations," says Wendy Thomas, SVP of Business and Product Strategy. "Red Cloak Threat Detection and Response automates the investigation of high fidelity alerts and integrates decades of experience, knowledge and threat intelligence so enterprises can rapidly take the right action and reduce business risk."
Intuitive and responsive, Red Cloak TDR integrates Secureworks' threat intelligence, which is compiled from billions of events across thousands of security environments and continuously updated to include new and emerging threats. Additionally, Red Cloak TDR integrates data from a variety of third-party sources to give organizations the best possible understanding of their threat landscape.
- Red Cloak TDR analyzes activity from endpoint, network and cloud while drastically reducing the number of false positives security professionals face. It detects advanced threats by correlating information from a variety of sources and threat intelligence feeds, integrating Secureworks' knowledge of threat actor behaviors, and applying machine learning to provide much-needed context about the threat. Red Cloak TDR builds trust in security alerts and frees security teams to focus on threats that matter.
- Designed around Secureworks' defense in concert methodology, Red Cloak TDR unifies security environments and analyzes all relevant signals in one place. Users gain additional context so they can quickly and accurately judge the implications of each event.
- By seamlessly working on investigations together, teams can quickly reach conclusions with confidence. The built-in chat feature can be used right from the user interface during an investigation to get expert help based upon years of experience hunting, analyzing and defending against threats.
- The application allows for a quick, accurate, software-driven response that gives users the ability to automate the right action.
- Because Red Cloak TDR is a cloud-based SaaS application, companies won't have the burden of installing on-premises hardware or maintaining software version upgrades. Updates, backups and tuning are covered.
- Red Cloak TDR does not charge by data consumption, so subscribers are free to process the security-relevant data they need to keep their organization safe.
- Onboarding is quick and easy because the application is designed to easily integrate into an organization's current control framework.
Red Cloak TDR is the first in a suite of Red Cloak SaaS solutions from Secureworks to help enterprises reduce complexity in their security operations and become more self-sufficient to defend against current and emerging threats.
Industry: Cyber Security News