Organizations are under increasing pressure to add speed and scale to their cybersecurity operations, but integration challenges can make it difficult to realize the benefit of additional security tools.
Secureworks, working with Microsoft, provides seamless integration of threat intelligence so mutual customers get better protection from advanced threats without having to deploy yet another agent.
Secureworks’ SaaS application, Red Cloak Threat Detection & Response (TDR), will ingest raw telemetry from the Microsoft Defender Advanced Threat Protection (ATP) platform, further enriching the diverse data that fuels Red Cloak TDR advanced analytics.
Microsoft Defender ATP customers will in turn benefit from a wider threat vector lens because of the deep threat intelligence of Secureworks, enhanced by the company’s visibility across a wide variety of endpoint, network, cloud and business systems in thousands of customer environments worldwide.
Customers can choose to manage the Red Cloak TDR SaaS application in-house or go with a managed services option that provides additional support for threat hunting and incident response.
“Secureworks is thrilled to work with Microsoft on this development effort,” said Wendy Thomas, Chief Product Officer at Secureworks.
“Pairing Microsoft’s unique optics across the Windows ecosystem with Secureworks’ advanced analytics and investigative workflows will empower our joint customers to rid their environments of hard-to-detect threats that other security analytics cannot identify.”
Moti Gindi, General Manager, Windows Cyber Defense, Microsoft, said, “Partnering with Secureworks, a Microsoft Silver Partner and a recognized leader in managed security services, opens new value to Microsoft Defender ATP customers interested in a managed threat detection and response service from a top player in the market.”
Red Cloak TDR uses a host of innovative detectors that rely on a variety of machine learning, deep learning and behavioral techniques. Working in combination, the detectors find important clues that together identify true malicious behavior.
The cloud-native software also streamlines investigations with intuitive workflows and automation so analysts can focus on critical priorities. Applied threat intelligence and incident response experience help the analytics keep pace with emerging threats.
Microsoft Defender ATP uses intelligence built into Windows 10, including endpoint behavioral sensors, cloud security analytics and threat intelligence, to help enterprise networks prevent, detect, investigate and respond to advanced threats.
The integration further strengthens the position of Secureworks as a provider of cloud-based cybersecurity software. A managed services option for Red Cloak TDR was announced in August, and Secureworks plans to release new features for the application in the coming months, including additional data sources, detectors and reporting capabilities.