Update: Secureworks Announces ATT&CK® Evaluation Results, Momentum in Software Innovation

Update: Secureworks Announces ATT&CK® Evaluation Results, Momentum in Software Innovation

MITRE publicly released the results of its most recent ATT&CK Evaluation this week, and Secureworks® is proud to announce that our cloud-native SaaS application, Red Cloak™ Threat Detection and Response (TDR), rapidly and accurately detected the adversary in the first stage of all attacks and continued to deliver visibility and detections throughout 90% of the evaluated ATT&CK techniques. But we're even more proud to have participated in something that truly raises the bar for the cybersecurity industry, empowering vendors to innovate faster and deliver better protection for customers around the globe.


This month, Secureworks Red Cloak Threat Detection and Response turns one year old, and the six months since we began the MITRE ATT&CK Evaluation have been our most productive yet in terms of improvement and innovation.


As we mentioned in our original post below, we discovered novel opportunities for detections even while preparing for and executing the assessment, including PowerShell Script Block Logging reconstruction and custom Windows Management Instrumentation (WMI) attack detections. During the evaluation, Red Cloak TDR collected the entire PowerShell script as well as the invocation of any functions within it. This tells us what the adversary could do, and what they did do, which is critical to response teams.


Since the evaluation, we've continued to innovate. We widened customer visibility with 36 new data source integrations, added advanced analytics detectors, delivered multiple infrastructure enhancements and built on services, including a new MDR Dashboard that provides visibility into how TDR provides value. Advanced search capabilities now aid customers in threat hunting, and customers who need expert analyst support can get it via an in-app cha ..

Support the originator by clicking the read the rest link below.