SecureWorks approaches every vulnerability assessment as unique to each organization.
Unauthorized access to company resources using existing vulnerabilities is a serious security concern. Identifying, quantifying and prioritizing security vulnerabilities in an environment can be a difficult process without the proper methodology, skills and tool sets. Illuminating these vulnerabilities, as well as providing the appropriate mitigation procedures, helps to reduce and eliminate them to an acceptable level of risk.
In this video, Nate Drier, SecureWorks Security Analysis Consultant, gives you an overview of the SecureWorks methodology for Vulnerability Assessments and describes what you can expect in your engagement and subsequent reporting to help you take actionable steps toward securing your network.
Hi, I’m Nate and I’m here to talk about Vulnerability Assessment Methodology.
So we’ve got our network here and you can see up top we have the internet, everything north of this dotted line is an external network, publicly accessible from your nearest local coffee shop wi-fi connection and everything below this dotted line is internal to the client or customer network that has normal things like workstations or databases and on this line we have a web server connected to the internal network probably through a DMZ somewhere but it is also published to the internet, anyone can access this external website.
So for a vulnerability assessment, we use a suite of automated tools. We are just going to scan the outside perimeter of this web server. We'll look at the port side, we'll look specifically at the software that's running on this server and look for known issues and vulnerabilities and those will be organized, validated and delivered in a report. With that you get a decent amount of coverage. We are not just looking for just critical issues or medium risk issues, we’re trying to look for and group all of the issues that will impact the security of your organization whatsoever. When we find those issues, we will validate them but we’re not penetrating into that machine, we’re not pivoting, we’re just providing a list of potential security issues in that system or all systems that were in scope.
We generate around 2 billion events each month. With Secureworks, we are able to crunch down that number to 20-30 high fidelity alerts — and that makes my team's job much easier.
Sunil Saale, Head of Cyber and Information Security, Minter Ellison
Red Cloak™ Threat Detection and Response isn’t just the next generation of SIEM, it’s an evolution.
David Levine, CISO, Ricoh Group
The old approaches to cybersecurity are no longer adequate. It’s time for something new. Layered defenses can create almost as many problems as they solve, and security teams struggle to keep up with the threat. What you need is context across all your layers of defense with the right people, processes, and technology working together in concert. That’s how Secureworks can help. Using 20+ years of industry knowledge, advanced analytics, industry-leading threat intelligence, and the network effect of more than 4,000 customer environments, we provide world-class cybersecurity solutions to customers around the globe. This unmatched experience empowers our customers to be Collectively Smarter. Exponentially Safer.™
Our Managed Detection and Response (MDR) solution is comprehensive, powered by our cloud-native software Red Cloak™ Threat Detection and Response that uses AI and machine learning to deliver better outcomes for your security operations. MDR unifies telemetry from your existing security technology to maximize visibility, reduce complexity, and enable you to move at the speed of the threat. Learn more about how Managed Detection and Response uses contextualized visibility to improve your organization’s security posture.