Secureworks
announced that it has partnered with Microsoft to
help joint customers detect advanced cyber threats faster, with greater
accuracy, and respond more effectively to reduce risk.
Organizations
are under increasing pressure to add speed and scale to their
cybersecurity operations, but integration challenges can make it
difficult to realize the benefit of additional security tools.
Secureworks, working with Microsoft, provides seamless integration of
threat intelligence so mutual customers get better protection from
advanced threats without having to deploy yet another agent.
Secureworks' SaaS application, Red Cloak Threat Detection & Response (TDR), will ingest raw telemetry from the Microsoft Defender Advanced Threat Protection (ATP) platform,
further enriching the diverse data that fuels Red Cloak TDR advanced
analytics. Microsoft Defender ATP customers will in turn benefit from a
wider threat vector lens because of the deep threat intelligence of
Secureworks, enhanced by the company's visibility across a wide variety
of endpoint, network, cloud and business systems in thousands of
customer environments worldwide.
Customers
can choose to manage the Red Cloak TDR SaaS application in-house or go
with a managed services option that provides additional support for
threat hunting and incident response.
"Secureworks
is thrilled to work with Microsoft on this development effort," said
Wendy Thomas, Chief Product Officer at Secureworks. "Pairing Microsoft's
unique optics across the Windows ecosystem with Secureworks' advanced
analytics and investigative workflows will empower our joint customers
to rid their environments of hard-to-detect threats that other security
analytics cannot identify."
Moti
Gindi, General Manager, Windows Cyber Defense, Microsoft said,
"Partnering with Secureworks, a Microsoft Silver Partner and a
recognized leader in managed security services, opens new value to
Microsoft Defender ATP customers interested in a managed threat
detection and response service from a top player in the market."
Red
Cloak TDR uses a host of innovative detectors that rely on a variety of
machine learning, deep learning and behavioral techniques. Working in
combination, the detectors find important clues that together identify
true malicious behavior. The cloud-native software also streamlines
investigations with intuitive workflows and automation so analysts can
focus on critical priorities. Applied threat intelligence and incident
response experience help the analytics keep pace with emerging threats.
Microsoft
Defender ATP uses intelligence built into Windows 10, including
endpoint behavioral sensors, cloud security analytics and threat
intelligence to help enterprise networks prevent, detect, investigate
and respond to advanced threats.
The
integration further strengthens the position of Secureworks as a
provider of cloud-based cybersecurity software. A managed services
option for Red Cloak TDR was announced in August, and Secureworks plans
to release new features for the application in coming months to include
additional data sources, detectors and reporting capabilities.