Secureworks Unifies Industrial Cybersecurity with the First Integrated MDR Solution for OT and IT

PR Newswire | June 02, 2023

Secureworks® (NASDAQ: SCWX), a global leader in cybersecurity, today announced two new offerings to unify the way industrial organizations prevent, detect, and respond to threats across the OT and IT landscapes.

  • Taegis XDR for OT – Secureworks award-winning XDR platform that combines intelligence from OT with security telemetry across the IT landscape into a single unified threat prevention, detection and response platform. The platform is for Managed Security Service Providers (MSSPs) who want to deliver Managed Detection and Response (MDR) solutions, and for organizations that manage their own SOCs.
  • Taegis ManagedXDR for OT – Secureworks MDR offering that empowers industrial organizations, such as manufacturers, to secure both OT and IT environments with a team of security experts detecting, investigating, and responding to threats 24x7.

The convergence of OT and IT in the industrial sector brings technological and economic benefits, but also increases risk. The more OT systems are digitally connected, the larger the overall attack surface becomes, making OT an increasingly attractive target for threat actors. This, combined with a global cybersecurity talent shortage numbering in the millions, has led to unprecedented levels of cyberattacks impacting the industrial sector. According to Gartner® [1], manufacturing companies are now among the most targeted for cyberattacks, comprising 23% of all attacks. Secureworks Counter Threat Unit™ data shows that approximately 22% of Secureworks' emergency incident response engagements between April 2022 and April 2023 were in the manufacturing industry alone. Manufacturing made up 20% of all ransomware-based incident response engagements that Secureworks remediated in the same period. Gartner also predicts that by 2025, 70% of asset-intensive organizations will have converged their security functions across both enterprise and operational environments [2]. Yet, in industrial environments overall, OT is often managed differently from IT with no centralized visibility across both.

"As OT and IT systems infrastructure becomes more interdependent and connected, the risks from threats traversing these environments are rapidly escalating," said Dave Gruber, Principal Analyst with Enterprise Security Group. "Security operations teams need visibility into the combined OT/IT environment to detect, investigate, and respond to these complex threats. Secureworks' move to offer a specialized OT security solution by leveraging its own, proven Taegis XDR platform highlights the importance of this increasing threat."

"Industrial organizations will continue to be challenged by an expanding attack surface and evolving threat landscape. Their risks include unplanned shutdowns, financial losses, and harm to human populations that rely on critical services," said Kyle Falkenhagen, Chief Product Officer, Secureworks. "And the potential costs are staggering. For example, manufacturers lose an average of $148 per second [3] of unplanned downtime – almost $9,000 per minute. As a managed solution that unifies threat prevention, detection and response of OT and IT into a single platform, Secureworks helps organizations with OT environments reduce cyber risks and enhance their security postures as they complete their digital transformations," Falkenhagen concluded.

Taegis ManagedXDR for OT

Industrial organizations can reduce risk by bringing Taegis XDR's threat monitoring, detection, investigation and response capabilities across both OT and IT environments, eliminating the visibility challenges often associated with OT and IT systems. Taegis XDR is already used by five of the top 20 manufacturers in the world. Now, with the first integrated MDR solution for OT and IT, organizations can unify their security monitoring and visibility strategies under a single platform, while gaining the benefits of a fully managed security solution using Taegis ManagedXDR.

The solution includes:

  • 24x7 threat monitoring with unlimited access to security experts in 90 seconds or less, collaborative design of OT and IT response processes, customizable rules and playbooks, quarterly expert security reviews, monthly threat hunting, onboarding support, and access to proactive services (including incident response planning and adversarial testing).
  • Taegis XDR platform, a SaaS security platform that processes more than 640 billion events daily across more than 2,000 customers to enable superior detection and response. The Taegis platform integrates feeds from third-party tools that are normalized and analyzed, along with Secureworks' own proprietary data and global threat intelligence curated by the Counter Threat Unit.
  • Secureworks Taegis endpoint agent and the Secureworks Taegis iSensor IDS/IPS device for monitoring IT and OT traffic.
  • Integrations with leading OT solutions.
  • Hundreds of out-of-the-box integrations across different technology solutions including Google, Mimecast, AWS, Microsoft, and Netskope among others.
  • Access to a full suite of proactive security testing services to raise cyber resiliency across OT and IT environments.

Secureworks brings the power of Taegis XDR to OT environments by delivering:

  • Superior threat detection and unmatched response across OT and IT environments through the Taegis XDR platform. Taegis XDR uses advanced analytics and machine learning to discover stealthy threats while automatically prioritizing the most serious threats. The platform includes more than 700,000 curated threat indicators and 20,000 curated countermeasures. Designed as an open platform, Taegis continuously interprets telemetry from proprietary and third-party sources while providing the best support for environments with endpoint solutions from different providers.
  • Vast insights into threats targeting industrial environments. The Secureworks Counter Threat Unit research team analyzes and uncovers new threats targeting industrial environments, from manufacturers to critical infrastructure services, using over 20 years of defending organizations all over the world. Threat insights are developed from elite threat researchers tracking over 175 active threat groups, findings from over 3,000 incident response and testing engagements each year, and a diversity of attack data from Taegis.

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers' ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Related News

Aqua Security Unveils AI-Guided Remediation for Lightning-Fast Vulnerability Response

GlobeNewswire | August 04, 2023

Aqua Security, the pioneer in cloud native security, today announced enhancement of the Aqua Cloud Security Platform with the availability of AI-Guided Remediation capabilities. Now overburdened security teams can better operationalize risk findings to rapidly reduce risk and help developers quickly fix issues.

According to the Cybersecurity and Infrastructure Security Agency, adversaries exploit a vulnerability within 15 days (on average) of discovery, putting an organization at risk for nefarious activity. This window of exposure combined with an overwhelming volume of alerts amplifies the need for all organizations to reduce mean time to remediation (MTTR).

“Cyber threats evolve faster than ever, and security practitioners are increasingly challenged to identify and quickly resolve critical issues,” said Amir Jerbi, CTO and co-founder, Aqua Security. “With Aqua Security’s AI-Guided Remediation, we’re empowering security teams to expedite the resolution of vulnerabilities and misconfigurations. This not only enhances cloud security, but it also fosters collaboration between developers and security experts, ensuring a more resilient and secure ecosystem.”

With step-by-step instructions on how to fix the issue, it dramatically reduces the MTTR for security teams and reduces risk exposure, removing the hassle of manually finding advisories, the associated patches and verification steps. AI-Guided Remediation eliminates the guesswork, searching and self-education time, and it allows the developers to focus on completing the fix rather than trying to figure out how to complete it.

Leveraging AI-Guided Remediation, dev and security teams can automatically generate prescriptive remediation steps for any misconfigurations and vulnerabilities across multiple clouds and workload types. As part of a comprehensive security platform with dev security, Aqua provides consistent information to dev and security teams within Aqua’s cloud native application protection platform (CNAPP), the Aqua Cloud Security Platform.

Break Down Friction, Unify Security

A top organizational challenge of DevSecOps adoption is the lack of collaboration between dev and security teams (source: IDC) [1]. AI-Guided Remediation bridges that gap while also reducing friction. Despite having different goals and responsibilities, developers are facing increasing pressure to act as security experts. As further illustrated by IDC data, building a culture of shared ownership between dev and security is a driver for adopting DevSecOps. AI-Guided Remediation provides prescriptive contextual guidance to help developers, who may not be security experts, arm themselves with the information they need to remediate quickly and collaborate more effortlessly.

“As a developer, AI-Guided Remediation is like having a security expert in your pocket,” said Jerbi.

AI-Guided Remediation leverages generative AI and is part of the SaaS edition of the Aqua Cloud Security Platform; it is available with an Open AI integration with ChatGPT. To learn more, visit Aquasec.com.

About Aqua Security

Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from cloud to cloud and back. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.


Legit Security Announces Integration with CrowdStrike to Bring Application Security Posture Management to Customers

PR Newswire | August 02, 2023

Legit Security, a cyber security company with an enterprise Application Security Posture Management platform that secures application delivery and protects an organization's software supply chain from attack, today announced a partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity and data protection. With this partnership, Legit Security integrates with the CrowdStrike Falcon® platform to provide extended application security, auto-discovery, and vulnerability management. Leveraging the two solutions, customers can automatically trace cloud application vulnerabilities back to their code origin and more rapidly prioritize and remediate security issues leveraging deep application context.

With the need for frequent software releases, DevOps and modern CI/CD pipelines have left security teams struggling to secure their cloud applications in the face of increasing threats. Within these constantly changing development environments, legacy security approaches fall short with high levels of noise and alerts, making it difficult to quickly prioritize cloud application vulnerabilities and identify the root cause. Compounding the challenge, organizations lack real-time application security posture management across their CI/CD pipelines and pre-production development environments as software supply chain attacks continue to grow dramatically.

With Legit Security's integration with the CrowdStrike Falcon® platform, security teams can quickly see where vulnerabilities discovered in production applications originated, and where vulnerabilities discovered in code get deployed. Legit Security ingests security data across cloud workloads from the CrowdStrike Falcon platform to identify and trace the source of vulnerabilities and accelerate triage and prioritization of issues based on context and severity.

"Cloud application security is a top priority, however enterprises need to balance security with an ability to improve productivity and do more with less," said Roni Fuchs, CEO and co-founder, Legit Security. "Instantly tracing cloud application security vulnerabilities back to their source with full context regarding the application, its software supply chain, and code origination can dramatically improve remediation time and productivity for both security and development teams. Now listed in the CrowdStrike Store, Legit Security's offering allows customers to easily find information on our integration to ultimately gain dramatic improvements in risk scoring, security issue classification and prioritization, and get the most out of their valuable security resources."

About Legit Security

Legit Security provides an application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.


Kivu Launches New Managed Security Services for Cloud and Identity Threat Detection and Response

PR Newswire | August 18, 2023

Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection and Response and Identity Threat Detection and Response. Powered by CrowdStrike, as part of Kivu and CrowdStrike's elite MSSP partnership, these innovative services are designed to equip clients with new capabilities to address the expanding technology attack surface and continued targeting of digital identities by cyber threats.

Cloud Detection and Response: Kivu's Cloud Detection and Response service is a fully managed solution engineered to support cloud and hybrid environments. Key features include:

  • Identification and alerts for cloud accounts, infrastructure misconfigurations, and compliance violations.
  • Detection and prevention of cloud account and control plane threats.
  • Resolution of vulnerabilities and misconfigurations in Cloud workload.
  • Runtime detection and response for container and function-based applications.

Identity Threat Detection and Response: Kivu's Identity Threat Detection and Response service integrates seamlessly with Active Directory and cloud-based identity stores to provide:

  • Real-time threat detection using AI-based behavioral analytics for actionable insights.
  • Early identification of threats before systems and data are impacted.
  • Identity scoring and enforcement of robust authentication for risk-based remediation.
  • Implementation of Zero Trust Principles.

"As a leading incident response firm, we are observing daily how the threat landscape changes. Remote work has surged post-pandemic, the cloud has become a predominant IT delivery model, and zero trust is a priority," said Gary Alterson, Vice President of Kivu's Managed Security Services. "Our Cloud and identity managed services address modern threats and ensure we are providing the best possible security outcomes for our clients."

"The steady increase in compromised credentials magnifies the importance of identity threat protection, and Kivu is determined to address this critical client need," said Shane Sims, CEO of Kivu Consulting. "With the launch of our expanded managed security services, Kivu continues to lead in providing trusted solutions to our clients and cybersecurity ecosystem partners."

About Kivu Consulting

Kivu is a leading global cybersecurity firm that offers a full suite of pre- and post-incident services, specializing in the forensic response to cyberattacks and ransomware incidents. We deliver cutting-edge cybersecurity solutions to organizations in need and are a trusted cyber incident partner to insurance carriers and law firms worldwide. Visit KivuConsulting.com.
