How Adversarial Testing Complements Incident Response

Some things in life are simply better together, like peanut butter and jelly, fish and chips, or better yet, grilled cheese and tomato soup. The same is true for Secureworks’ Incident Response and Adversarial Security Testing practices. Working together, we help customers understand their resistance to cyber threats and deliver highly targeted assistance during cyber incidents that siloed approaches can never achieve.


During both emergency incident response and proactive engagements, the combined expertise of both practices comes together and provides a more robust approach for helping customers mitigate cyber threats and elevate their cyber resilience.


Enhancing Emergency Incident Response Engagements


There’s one principle all cybersecurity practitioners agree on when it comes to predicting incident impact: the longer a threat actor remains undetected in an environment, the greater the potential damage to the organization.


The partnership between our Incident Response team and the Secureworks Adversary Group is critical to minimizing incident impact for our customers. We achieve this in a variety of ways depending on the engagement. For example, we often see incidents where there are gaps in the evidence of threat actor activity, or audit trails are overwritten by the time Secureworks is engaged. In cases like these, the Secureworks Adversary Group would reconstruct phases of the attack life cycle by testing the organization’s cybersecurity controls and piecing together the likely tactics and techniques of the threat actor. This work is enabled by world-class threat intelligence from the Counter Threat Unit™ research team.


Remediation efforts also benefit from a joint approach. When our customers go through the remediation process for an incident, the Adversary Group validates that the changes to cyberse ..
