Secureworks announced the addition of its Hands-on-Keyboard Detector to the Secureworks Taegis platform which helps prevent, detect, and respond to advanced threats with automation, machine learning, and comprehensive threat intelligence by detecting "live" keyboard inputs from malicious actors rather than scripts. All Secureworks Taegis XDR and Taegis ManagedXDR customers are now protected by this innovative, patent-pending detection capability.

Secureworks' Hands-on-Keyboard Detector detects malicious threat actors who are directly interacting with compromised systems. By using machine learning to aggregate evidence from endpoint telemetry over time, this detector creates high confidence alerts for rapid remediation of malicious activities that would likely go unnoticed with a traditional signature-based detection platform.

"We began developing the Hands-on-Keyboard Detector while researching BRONZE SPIRAL operators of the SUPERNOVA web shell during the SolarWinds Orion compromise of 2020," said Nash Borges, Vice President of Engineering at Secureworks. "Our Detector identifies malicious activity when threat actors are ‘living off the land' using system administration tools that may go unnoticed by other endpoint technologies. This adds a new layer of protection to the Secureworks Taegis platform that further enhances its automated threat-detection capabilities and better protects the enterprise. This detector has already protected several customers in the wild who otherwise may not have known that attackers were beginning to exploit their systems. It's using the best combination of Taegis security analytics and human intelligence to find important needles in immense haystacks."

The Hands-on-Keyboard Detector's machine learning technology was trained on 3.3 trillion events from our growing 16 petabyte data lake, creating a detector that scores threat activities by modeling behavioral techniques instead of conventional pre-defined rules. Without the volume and variety of data collected within Taegis, detections like this could not be created.

The Secureworks Hands-on-Keyboard Detector is included in the Taegis platform and is available for Taegis XDR, Taegis ManagedXDR, and Taegis ManagedXDR Elite.