Deepwatch SecOps Platform enhancements detect and contain identity threats
Deepwatch announced new service offerings and advances to the Deepwatch SecOps Platform to speed the detection and containment of threats across the enterprise.
The launch of Deepwatch MXDR for Identity provides extended detection and response to evolving identity-based threats; Deepwatch MXDR for Endpoint now supports Microsoft Windows Defender which enables automated, response capabilities on Windows endpoints; and Deepwatch SecOps Platform user interface enhancements provide customers with greater visibility into their security operations program efficacy – ranging from practitioner dashboards to self-service, board-level metrics and reporting.
Organizations’ reliance on identity solutions to enable collaboration, remote work, and access to internal systems and sensitive data has increased threat actors’ ability to compromise identities. According to Gartner, “Conventional identity and access management and security preventive controls are insufficient to protect identity systems from attack. Modern identity threats can subvert traditional identity and access management (IAM) preventive controls, such as multi-factor authentication (MFA). This makes identity threat detection and response a top cybersecurity priority.”
Deepwatch provides comprehensive detection and automated response to cyber threats coupled with tailored security recommendations from dedicated experts. The Deepwatch SecOps Platform delivers protection 24/7/365 which mitigates risk and measurably improves security posture.
Centered on advanced threat analytics, dynamic content libraries, and integrations with leading security tools, Deepwatch’s managed detection and response services (MDR, MXDR, and others) provide customers with an “always on” modern SOC that continuously evolves to combat the dynamic threat landscape.
Details on new offerings and enhancements include:
Deepwatch MXDR for Identity
Extends the native security capabilities of identity tools by monitoring and correlating detections across the attack surface – beyond what identity tools alone can detect. Deepwatch delivers contextualized alerts on compromised identities and rapidly executes critical response actions such as isolating, reducing privileged access, or enforcing step-up authorization against a session to contain the threat. Response actions can be configured based on customer specific risk tolerance. The solution integrates with Okta, Ping Identity, and Azure AD.
Deepwatch MXDR for Endpoint now supports Microsoft Windows Defender
Deepwatch’s automated response capabilities for threat containment on endpoints now support Microsoft Windows Defender in addition to Crowdstrike, SentinelOne, and Cybereason. Deepwatch customers are rapidly adopting endpoint response capabilities with a keen focus on mitigating ransomware attacks.
Unified Interface for the Deepwatch SecOps Platform
New enhancements to the Deepwatch customer interface deliver an advanced level of visibility and transparency to managed security operations. This includes an always-on personalized SOC dashboard, and MITRE ATT&CK coverage that correlates to a customer’s threat matrix powered by Deepwatch’s patented Maturity Model.
Users can view their content inventory, security recommendations and recommended steps to improving security posture. Self-service, board-ready metrics and reporting include environment coverage, threat actor attribution, security investment and overall ROI giving security leaders the ability to report on the business without waiting days or weeks for reports.
Deepwatch provides security teams the expertise, flexibility, user experience and support to rapidly accelerate their extended detection and response strategies to defend against threats targeting enterprises,” said Wesley Mullins, CTO at Deepwatch. “With the addition of Deepwatch MXDR for Identity, we can do more than shut down the endpoint or make a firewall rule on the fly. We can respond to a threat at every level across the customer’s attack surface whether its network, cloud or identity.”
Available now, Deepwatch MXDR for Identity and Endpoint services complement the Deepwatch MDR service offerings as part of a complete threat lifecycle defense.