Advanced cyber threat actors are penetrating networks in ways that fly below the radar of existing information security technologies, creating hidden network threats. Once in, these actors expand their access privileges across the network and introduce additional malware into the environment, maintaining a persistent presence. These efforts complicate detection and make it hard to identify the full scope of the threat present in the environment. IT and IT security personnel don’t know if their organizations have been compromised, and they lack the specialized intelligence, tools, and expertise required to determine the answer. No matter the industry, whether banking, healthcare or even retail, compliance can be affected by payment card breaches or by other sensitive data being leaked from a compromised network.
Many organizations have some form of information security protection in place but also wonder, "Have I already been compromised?" The Dell SecureWorks Targeted Threat Hunting service searches your networks to identify the presence of compromises and entrenched threat actors operating in your environment. The cyber threat could be malware or even a large-scale Advanced Persistent Threat, and it can be hidden in the file system and several other areas of your network where it may go unnoticed by the untrained eye.
Powered by Counter Threat Unit (CTU) Special Operations, the Targeted Threat Hunting service leverages elite cyber threat intelligence and decades of combined experience countering targeted adversary tradecraft. Our highly experienced IT security experts, armed with our CTU proprietary hunting technology, perform a deep inspection of your environment to identify targeted threat indicators and indications of attacker presence.
When such indicators are found, CTU Special Operations experts use our extensive repository of cyber threat intelligence to illuminate the complete threat context and determine next steps to help you engage and resist the adversary.
With Dell SecureWorks, you can:
When malware or other cyber threat indicators are found, our information security researchers will complete the malware analysis to ascertain more information and context. Leveraging elite cyber threat intelligence and global visibility of threat indicators, researchers work to add context to the threat: how did it get there, how does it work, what is its purpose and who may be behind it.
The Targeted Threat Hunting service provides three areas of information and guidance.
CTU Special Operations personnel will brief your team throughout their investigation on what they are finding within your environment.
Based on findings during the investigation, the CTU Special Operations team will provide actionable guidance on steps your organization should take to improve your information security defenses and posture against targeted cyber threats. This guidance may address weaknesses in your information security architecture, policy and personnel and, when implemented, will help your organization resist similar IT security threats in the future.
For those instances where malware and indications of attacker presence are found in your environment, the CTU Special Operations team will provide specific guidance on appropriate response and remediation steps to contain and eradicate the information security threat from your environment.
Contact an Information Security Consultant at Dell SecureWorks for a further discussion on how we might be able to help with your specialized security needs.