Red Cloak Threat Detection and Response (TDR) is the first security analytics SaaS application from Secureworks.

Lynn Haber

April 29, 2019

3 Min Read
Secureworks Debuts RedCloak TDR
Shutterstock

DELL TECHNOLOGIES WORLD Secureworks on Monday launched RedCloak Threat Detection and Response (TDR), the vendor’s first security analytics SaaS application.

The announcement came in conjunction with Dell Technologies World, being held this week in Las Vegas.

RedCloak is designed to help customers detect advanced threats, reduce alerts and false positives without the need for in-house, high-priced security professionals.

Thomas-Wendy_Secureworks-2.jpg

Secureworks’ Wendy Thomas

“The application focuses on customer outcomes and on automating threat detection, investigation and response,” Wendy Thomas, senior vice president, products and business strategy at Secureworks, told Channel Futures. “We’ve taken the knowledge that we leverage in our platform technology today and made it more extensible and available to our customers’ security teams to leverage in the form of a software application.”

The product offers collaborative workflows, and integrates with ticketing systems, such as ServiceNow, among other features:

  • RedCloak collects data from a wide variety of sources, such as the network, endpoints, cloud and business applications to understand a customer’s threat landscape. It reduces the number of false positives by integrating Secureworks’ knowledge of threat actor behaviors and leveraging machine learning (ML) where appropriate.

  • The application is designed around Secureworks’ defense-in-concert methodology, and Red Cloak TDR unifies security environments and analyzes all relevant signals in one place. Users gain additional context so they can quickly and accurately judge the implications of each event.

  • By seamlessly working on investigations together, teams can quickly reach conclusions. If they need to reach out for a higher level of expertise, there’s a built-in chat feature to get immediate access to a seasoned Secureworks expert. This benefit is included in the cost of the product.• The application allows for a quick, accurate, software-driven response that gives users the ability to automate the right action.• Because the application is cloud-native, it removes the burden of time-consuming platform management tasks.• Red Cloak TDR deliberately does not charge by data consumption, so subscribers are free to process the security-relevant data they need to keep their organization safe.• The application is designed to easily integrate into an organization’s current control framework, facilitating on-boarding.

Red Cloak TDR is the first of similar apps that Secureworks plans to release, Thomas said.

“This is the beginning of multiple applications like this that we will be launching. The idea is not to change what we do but to make what we do available in application form to customers who have in-house security teams that want to do it more on their own.”

This first SaaS app targets enterprise customers with about 10 IT professionals in-house as a “do-it-yourself application.”

“This gives our partners the ability to sell the application,” said Thomas. “The great thing about the way the pricing is structured is that it’s based on the number of endpoints. So even through it covers a wide variety of data source types, the pricing is simple and does not increase with sending more data to us.”

In fact, the more data, the merrier. Secureworks welcomes customer data because it helps provide better outcomes.

“The higher fidelity customer detections are, the better the response recommendations are,” said Thomas.

Customers without a large security team may need help running the application.

“We’re making technology that our team has available in our SOC to do things on behalf of our customer, more usable by in-house security teams or partners who deliver that type of service for customer,” she added.

If a customer wants to outsource their security investigations and remediation to a partner, that’s a value-added service, or service wrapper, that a partner could add on top of Red Cloak.

Secureworks targets a third-quarter launch for a service wrapper which entails running the Red Cloak application for SMB customers. Either a partner or Secureworks will deliver the services.

Read more about:

MSPs

About the Author(s)

Lynn Haber

Lynn Haber

Content Director Lynn Haber follows channel news from partners, vendors, distributors and industry watchers. If I miss some coverage, don’t hesitate to email me and pass it along. Always up for chatting with partners. Say hi if you see me at a conference!

See more from Lynn Haber
Free Newsletters for the Channel
Register for Your Free Newsletter Now
Subscribe

You May Also Like

Galleries
See all
Sep 16 - Sep 19, 2024
Join us for MSP Summit, September 16-19, 2024 in Atlanta, GA. You don't want to miss the industry’s most innovative and inspiring gathering of business leaders focused on growing their managed services businesses. This year’s MSP Summit will help attendees stay ahead of exponentially increasing security threats, expanding their range of services through a merger or acquisition and embrace a wide range of innovative new technologies. Get notified when registration opens.
Sign Up For Special Deal