Advanced Endpoint Threat Detection (AETD) is an endpoint security service that helps clients reduce the time to detect threats in their environment and the effort required to respond to those threats. Red Cloak is the latest evolution of that service.
In this video, Aaron Hackworth, Senior Distinguished Engineer in our Counter Threat Unit Special Ops team, explains how AETD Red Cloak is a powerful tool to detect adversaries quickly and get them out of your environment before they take your intellectual property.
In over half of the threat hunting engagements we at SecureWorks performed last year, we found an alarming trend: threat actors used little to no malware at all and accessed the target environment using compromised credentials and the companies' own virtual private network (VPN), a technique we call "living off the land". AETD Red Cloak will certainly detect the malware and tools an adversary uses, but it goes further and also detects the adversary's behavior when they use no malware at all.