Key findings from the report:
- The report examines the methods threat actors used to gain access and provides advice on prioritizing your efforts to protect against present day threats
- You’ll also learn the 5 most common misconceptions our incident response team hear from organizations with large blind spots
Don’t expect a whole lot from your expensive new security tools unless you first master the basics.
That’s the message in a new report from the Secureworks incident response team that draws lessons from their experience in over 1000 IR engagements last year. Time and again in 2018, responders and security analysts saw threat actors exploit basic security gaps to circumvent expensive security stacks.
The new Secureworks Incident Response Insights Report 2019 shows how organizations are undermining their security programs by leaving gaps in security fundamentals that gift easy opportunities to threat actors. As a result, the adversaries gravitated toward known successful tactics and needed only moderate evolution to achieve success. Use of native tools and other living off the land techniques helped them evade detection. Frustratingly, many of the gaps our team saw can be effectively addressed with measures like multi-factor authentication.
Get Your Complimentary Paper
The old approaches to cybersecurity are no longer adequate. It’s time for something new. Layered defenses can create almost as many problems as they solve, and security teams struggle to keep up with the threat. What you need is context across all your layers of defense with the right people, processes, and technology working together in concert. That’s how Secureworks can help. Using 20+ years of industry knowledge, advanced analytics, industry-leading threat intelligence, and the network effect of more than 4,000 customer environments, we provide world-class cybersecurity solutions to customers around the globe. This unmatched experience empowers our customers to be Collectively Smarter. Exponentially Safer.™
Our Managed Detection and Response (MDR) solution is comprehensive, powered by our cloud-native software Red Cloak™ Threat Detection and Response that uses AI and machine learning to deliver better outcomes for your security operations. MDR unifies telemetry from your existing security technology to maximize visibility, reduce complexity, and enable you to move at the speed of the threat. Learn more about how Managed Detection and Response uses contextualized visibility to improve your organization’s security posture.