The Secureworks Advantage: Our Foundation
A blog by Steve Fulton, Chief Product Officer, Secureworks
Secureworks was recently positioned as a Leader in Managed Security Services (MSS) in the “IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment.”¹ The following post by Secureworks’ Chief Product Officer Steve Fulton highlights how our security operations experience and leadership position accelerate our transformation to a software-driven company with security at its core.
Our purpose is clear: To secure human progress by outpacing and outmaneuvering the adversary.
With over twenty years of security operations experience, we’ve seen first-hand how product-centric security is not sufficient to achieve this purpose and outpace the adversary at scale. Security Operations teams require an integrated platform that helps to predict, prevent, detect, and respond to security incidents more quickly and efficiently. Secureworks has been building security software platforms and writing applications for twenty years for our own use in delivering integrated security services for customers. When I joined the company over three years ago, we began to build our next-generation, cloud-native security platform to strengthen and unify the security community, and place our products in the hands of increasingly sophisticated security operations teams.
From the start, we have relied on our deep experience understanding the threat, and our leadership position in Managed Security, to inform the development of products like Red Cloak™ Threat Detection and Response (TDR), and we fundamentally believe that expertise is one of our key differentiators in the market.
The industry supports this view. Secureworks was recently positioned as a Leader in Managed Security Services (MSS) in the “IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment” (read an excerpt from the report). Not only does the IDC MarketScape highlight Secureworks’ long history in the MSS space, it also recognizes Secureworks’ pivot to a software provider as one of the key factors in our position as a worldwide MSS leader:
“A great deal of time and monetary investment has been put into Secureworks' SaaS product Red Cloak Threat Detection and Response capabilities moving the company into a software provider shifting Secureworks into a product plus MSS service provider hybrid category over the past 24–36 months. Red Cloak TDR ingests endpoint, network, and cloud telemetry from the client environment at the meta level; normalizes it; and uses advanced analytics and threat intelligence to alert clients to suspicious activity or to act on their behalf. Building on its 21-year history, Secureworks decided to open up its detection, response, and analytics tools to external use by providing a multitiered offering where clients can do their own tier 2 and 3 exercises using Red Cloak, they can initiate a web-based chat directly with a Secureworks expert for assistance, or Secureworks can provide a client hands-off experience in a traditional MSS engagement.”
The report also points out Secureworks’ portfolio of critical adjacent services in security consulting, such as incident response (IR), adversarial testing, targeted threat hunting, and threat intelligence, stating that:
“Secureworks' Threat Intelligence plays another differentiation in what the company provides to its customers.”
As we continue to stay focused on the cybersecurity needs of our customers and partners, it is important we also stay focused on the trends that will have an impact on their future infrastructure. Research from ESG shows 82%² of organizations are actively integrating security technologies to help address the complexities of threat detection and response. As companies compete in pursuit of the most simplified and integrated security solutions, the new emerging trend known as Extended Detection and Response, or XDR, is gaining momentum.
The goal of XDR is to ingest telemetry from a variety of sources (endpoint, network, cloud, threat intelligence, etc.) for the sake of informing and enriching security analytics and response actions. This last point is critically important. Data for the sake of data is not the point, and this is why legacy SIEMs have never lived up to their promise. They were built for “A”, and then repurposed for “B” as an afterthought. While data certainly matters and is the life-blood of any end-to-end security solution, the type of data, the diversity of data, the amount of data, how you apply that data and for what purpose are the critical nuances that often get lost in the conversation.
When we first set off to develop what is now known as Red Cloak TDR, our original vision and our “bet” on where the market would go aligned squarely with what is now increasingly being called “XDR”. As we like to say at Secureworks, “TDR was XDR before XDR was a thing”. So for us, this is back to the future: a future where we secure human progress by outpacing and outmaneuvering the adversary.
1 IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment, by Martha Vazquez, September 2020, IDC # US46235320
2 ESG Blog, XDR Market Challenges, July 16, 2020