Cyber threat hunting service from Dell SecureWorks
Dell SecureWorks has launched a new Targeted Threat Hunting service aimed at finding cyber attackers who might be lurking in an organization’s network, intent on committing a breach.
Using cyber intelligence and proprietary hunting technology from the Counter Threat Unit (CTU) research team, Dell SecureWorks experts will search an entity’s IT networks and host computers for evidence of a compromise, leveraging pre-determined intelligence of adversaries and their methods.
The CTU Special Operations team will search for any indication hackers might be operating in the organization’s environment. If such an indication is found, the team will conduct an extensive study of the threat, outline a plan to eradicate the hackers, and put defenses in place to prevent them from re-entering.
Every week, Dell SecureWorks learns about sophisticated threat actors who morph their techniques to penetrate an organization’s computer networks. Once in, hackers expand their access privileges laterally across the network and introduce additional malware into the environment to maintain a persistent presence.
Most organizations lack the threat intelligence, malware analysis and forensic capabilities needed to understand the full scope of the threat and extent of the compromise.
“The most informative way to determine if a targeted threat is present in an environment is to collect and analyze data from network and endpoints in unison,” said Jon Ramsey, Dell SecureWorks CTO. “We use instrumentation, advanced analytics and visualization tools coupled with security threat intelligence and years of incident response experience from the Counter Threat Unit to locate the compromise, and contain and remediate the threat.”
Services include the following:
Targeted Threat Intelligence – ever-present intelligence and context on threat actors and tradecraft being used to target one’s organization or industry.
Red Teaming – targeted attack simulation using real-world tactics, techniques and procedures.
Targeted Threat Hunting – deep inspection of networks and hosts for indicators of attacker presence.
Managed Advanced Malware Protection – detection and blocking of targeted malware deployment and communications.
Targeted Threat Response – identification, containment and removal of cyber attacker presence and advanced tradecraft with surgical precision.
Enterprise iSensor – network intrusion protection from malicious traffic that evades one’s firewall.