Secureworks Delivers Visibility and Detection Across the MITRE ATT&CK® Framework in First Evaluation of Red Cloak Threat Detection and Response

ATT&CK Evaluation demonstrated the effectiveness of Secureworks’ cloud-based SaaS product to detect attacks early in the kill chain, confirming the company’s successful pivot to SaaS solutions

ATLANTA, Ga., April 22, 2020 - Secureworks® (NASDAQ:SCWX) today announced its results from the MITRE ATT&CK Endpoint Protection Product Evaluation. The company’s cloud-native security SaaS product delivered visibility and detection across the ATT&CK Framework just six months after its release.

Secureworks Red Cloak™ Threat Detection and Response (TDR) was 100% successful at detecting activity for the Persistence, Privilege Escalation, Discovery and Lateral Movement tactics and techniques, which underscores Secureworks’ ability to detect attacks early in the kill chain. Red Cloak TDR had telemetry visibility across the MITRE ATT&CK Framework and was able to capture attacker activity during each step of the evaluation. It also provided visibility or generated detections across 90% of technique categories used in the evaluation.

“Accurate, early detections in the kill chain are the most effective way to achieve a faster response and significantly reduce the risk of damage from a breach,” said Barry Hensley, Secureworks’ Chief Threat Intelligence Officer. “The results of our MITRE ATT&CK Evaluation validate our approach to deliver a combination of security analytics software, threat expertise and operational experience to help security analysts cut through the noise, gain better situational awareness and rapidly remediate advanced threats.”

Secureworks has continuously innovated on its cloud-native SaaS product since the MITRE evaluation, further widening its customers’ visibility with 36 new data source integrations, improving coverage with a range of new analytics and building an optional MDR service wrapper for customers who want an end-to-end solution. A new MDR Dashboard provides visibility into how the software is performing with full transparency.

“Participating in a transparent and independent process like the MITRE ATT&CK Evaluation confirms our commitment to delivering a software-driven approach to security, where technology and expertise work seamlessly to deliver better protection,” said Wendy Thomas, Secureworks’ President, Customer Success.

Red Cloak Threat Detection and Response, along with 20 other security solutions, was evaluated for its ability to detect the tactics and techniques used by Iron Hemlock, also known as APT29, a threat group that cybersecurity analysts believe operates on behalf of the Russian government and compromised the Democratic National Committee starting in 2015.

About Secureworks

Secureworks® (NASDAQ: SCWX) is a technology-driven cybersecurity leader that protects organizations in the digitally connected world. Built on proprietary technologies and world-class threat intelligence, the company's applications and solutions help prevent, detect and respond to cyber threats. Red Cloak™ software brings advanced threat analytics to thousands of customers, and the Secureworks Counter Threat Platform™ processes over 300B threat events per day. Secureworks understands complex security environments and is passionate about simplifying security with Defense in Concert so that security becomes a business enabler. More than 4,000 customers across over 50 countries are protected by Secureworks, benefit from our network effect and are Collectively Smarter. Exponentially Safer.™


Doreen Kelly Ruyak


