Counter Threat Unit

The Secureworks Global Research Team

Why Secureworks CTU

Elite Cyber Threat Intelligence

The Secureworks Counter Threat Unit™ (CTU) research team analyzes threat data across our global customer base and actively monitors the threat landscape.

Targeted Threat

Identify Threats

Our expert team uses a wide variety of commercial and proprietary toolsets to produce, analyze and validate threat intelligence.

Proactive Threat Hunting

Protect Proactively

The latest findings are quickly applied across our platforms and systems to improve detection and response efforts.


Close the Gap

When anomalous activity is detected, our CTU researchers perform thorough analysis to discover new attack techniques and threats.


An Unparalleled View Of The Threat Landscape

Advanced, unique intelligence into the adversary and the current threat landscape through research into trillions of events, more than a thousand IR engagements yearly and a diverse global customer base.


Counter Threat Unit (CTU) Researchers


Diverse Global Customers


Annual IR Engagements


Trillion Events Per Week


Threat Groups Monitored


Unique, Actively Managed Threat Indicators


Collection of Threat Data

Our CTU collects threat data such as client telemetry, Incident Response and Threat Hunting engagements, Third Party / OSINT reports, Botnet Tracking and CTU research.

DarkTortilla Malware Analysis

DarkTortilla is a complex and highly configurable .NET-based crypter that has possibly been active since at least August 2015.
Threat Profiles

Threat Group Profiles

CTU publishes Threat Group profiles for both criminal and government-sponsored Threat Groups, which includes a summary of their objectives, other aliases and the malware they use.


Related Resources

Talk With an Expert

Provide your details to speak with a security expert or call for general inquiries.

United States & Canada

United Kingdom

+61 1800 737 817