Secureworks Cybersecurity Solutions

Secureworks Cybersecurity Solutions: Comparisons, Review, Benefits, Use Cases, Pros & Cons

Author: Netify Research Team

If you have questions about Secureworks and how their capability is aligned to your needs, email the Netify research team.
UK: uk@netify.co.uk North America: northamerica@netify.com

(Please use the UK email for ROW - Rest of the World - questions or inquiries)

About Secureworks

Founded in 1999, Secureworks is a North American Extended Detection and Response (XDR) vendor serving more than 4000 clients in over 50 countries globally, varying from Fortune 100 and mid-sized businesses. The company's headquarters are in Atlanta, Georgia, North America and it's parent companies are Secureworks Corp and Dell Marketing L.P.

Secureworks Products and Services:

• Vulnerability Management (VDR): Secureworks' cloud-based VDR solution leverages machine learning to scan for and identify vulnerabilities in a client's environment. The solution focuses on data-driven remediation planning and leverages threat intelligence from the Secureworks Counter Threat Unit. The solution also includes AI-powered prioritisation and remediation tracking to automatically analyse a list of vulnerabilities. This allows VDR to automatically discover web applications, endpoints and misplaced assets and scans them for vulnerabilities, prioritising based on the context of a chosen asset (vulnerability, network, organisation and external factors). The solution also integrates with ticketing systems and can close gaps between discovery, scanning and risk-based remediation. 
• Threat Hunting Assessment: Designed to find compromises and hidden adversaries in a clients ecosystem, whilst validating security controls and resource dwell times of cyberthreats. 
• Application Security Testing: Leveraging the Secureworks Adversary Group, the solution locates gaps using adversarial tests which are designed with threat actor tactics in mind. 
• Red Team Testing: Strengthens organisation's incident readiness by Secureworks Advisory Group testing their pre-existing detection and response solution. 
• Penetration Testing: Locates blind spots in client's security posture using the Secureworks Advisory Group. 
• Incident Response Services: An incident response consulting solution designed to help client's organisations respond to security threats at scale. Also offers emergency service requests for client's currently experiencing an attack. 
• Incident Management Retainer (IMR): An accord set up between a client and Secureworks for priority, SLA-backed support and incident response and security program readiness consulting. Includes specialist support from a Secureworks security consultant and threat research expert, to serve as a client's response team. 

Secureworks Extended Detection and Response (XDR)

Secureworks XDR solution is designed to prevent, detect and respond to cyberattacks. The solution simplifies security for IT teams, as there is no requirement to manually stitch data or to bounce between tools, meaning that the Mean Time To Respond (MTTR) is reduced. Should an attack occur, the solution will provide response action recommendations and automated playbooks and offers live chats with security experts from Secureworks. 

The solution leverages  Next-Generation Antivirus (NGAV) as an optional extra for endpoint protection. This includes the Taegis advanced analytics engines, which are updated regularly with threat indicators, countermeasures and analytics specifically designed by the Secureworks Counter Threat Unit. The solution is also compliant with the MITRE ATT&CK framework. 

Secureworks Detection and Response (MDR)

Taegis ManagedXDR is Secureworks' MDR service which offers clients constant monitoring of the network environment for security threats, with response and remediation services from Secureworks team of cybersecurity experts. The solution extends across endpoint, network and cloud environments, with proactive threat hunting and incident response. 

Secureworks MDR is offered in two service tiers:

ManagedXDR, which includes:

• Applied threat intelligence 
• Support for endpoint, network and cloud
• Taegis Advanced Analytics
• Support for AWS, Azure and Office 365
• Remote Incident Response Services
• Response action execution
• Continuous global threat hunting and research by CTU
• Monthly targeted threat hunting 
• Quarterly customer touchpoint meetings

Managed XDR Elite, which includes all of the above, plus:

• Designated threat hunter 
• Artefact and hypothesis driven threat hunting
• Continuous targeted threat hunting 
• Initial threat hunting baseline
• Customer targeted hunts based on customer requests
• Bi-weekly customer touchpoint meetings

Secureworks Cloud Security Solutions

Secureworks partners with Amazon Web Services (AWS) to support client's migrating from an on-premises deployment to the cloud. The s0lution identifies problems in Identity and Access Management (IAM) controls, audit logs, EventBridge, s3 and EBS storage, network access and VPC and injection attacks on web applications. 

The Secureworks Taegis platform also offers VDR, XDR and ManagedXDR which are built direct onto AWS, with cloud configuration review, emergency incident response, incident management and readiness and Cloud Security Architecture Assessment (CSAA).

The solution integrates with the following AWS products and features:

• AWS Cloudtrail
• S3 Data Events
• Amazon GuardDuty
• Application Load Balancer 
• VDC Flow Logs
• AWS Managed Web Application Firewall (WAF)
• MDR for AWS-based Endpoints

Secureworks also partner with cloud security provider Mimecast to integrate the Mimecast email security data with Secureworks Taegis XDR. This provides email security by allowing IT teams to respond faster to email threats by improving cyber-resilience, email visibility and operational efficiency. The solution also offers ransomware protection.