Secureworks has announced its results from the MITRE ATT&CK Endpoint Protection Product Evaluation. The company’s cloud-native security SaaS product delivered visibility and detection across the ATT&CK Framework just six months after its release.
Secureworks Red Cloak Threat Detection and Response (TDR) was 100% successful at detecting activity for the Persistence, Privilege Escalation, Discovery and Lateral Movement tactics and techniques, which underscores Secureworks’ ability to detect attacks early in the kill chain. Red Cloak TDR had telemetry visibility across the MITRE ATT&CK Framework and was able to capture attacker activity during each step of the evaluation, as well as provide visibility or generate detections across 90% of technique categories used in the evaluation.
“Accurate, early detections in the kill chain are the most effective way to achieve a faster response and significantly reduce the risk of damage from a breach,” said Barry Hensley, Secureworks’ Chief Threat Intelligence Officer. “The results of our MITRE ATT&CK Evaluation validate our approach to deliver a combination of security analytics software, threat expertise and operational experience to help security analysts cut through the noise, gain better situational awareness and rapidly remediate advanced threats.”
Secureworks has continuously innovated on its cloud-native SaaS product since the MITRE evaluation, further widening its customers’ visibility with 36 new data source integrations, improving coverage with a range of new analytics, and building an optional MDR service wrapper for customers who want an end-to-end solution. A new MDR Dashboard provides visibility into how the software is performing with full transparency.
“Participating in a transparent and independent process like the MITRE ATT&CK Evaluation confirms our commitment to delivering a software-driven approach to security, where technology and expertise work seamlessly to deliver better protection,” said Wendy Thomas, Secureworks’ President, Customer Success.
Red Cloak Threat Detection and Response, along with 20 other security solutions, was evaluated for its ability to detect the tactics and techniques used by Iron Hemlock, also known as APT29, a threat group that cybersecurity analysts believe operates on behalf of the Russian government and compromised the Democratic National Committee starting in 2015.