Software On Demand

SaaS Journal

Subscribe to SaaS Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get SaaS Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


SaaS Authors: Elizabeth White, Liz McMillan, Pat Romanski, Mehdi Daoudi, Rajeev Gupta

Related Topics: Cloud Computing, SaaS Journal, Security Journal

Article

Dell @SecureWorks to Launch AETD Red Cloak | @CloudExpo #Cloud

New SaaS solution focuses on identifying malicious behavior and detecting attacks that use little or no malware

Dell SecureWorks is launching Advanced Endpoint Threat Detection (AETD) Red CloakTM, a fully-managed SaaS solution that can slash the time required to detect and respond to cyber-attacks from months or weeks to hours or minutes.

Armed with strong threat detection and endpoint monitoring capabilities as well as lightweight sensors that can be provisioned in minutes, AETD Red Cloak can scale via a cloud delivery model to any size environment and meet the challenge of identifying attacks that use little or no malware.

Too often, attackers go undiscovered within a victim's IT infrastructure for months or even years. In one instance, the Dell SecureWorks Incident Response team deployed AETD Red Cloak in a client's environment and within 48 hours was able to discover threat actors had compromised the environment 14 months earlier. With AETD Red Cloak's emphasis on sweeping for forensic evidence of malicious behavior, organizations can identify attacks whether malware is involved or not and quickly pinpoint the affected devices to reduce the cost and time it takes to respond.

With AETD Red Cloak, Dell SecureWorks is bringing to market a fully-hosted endpoint security solution powered by up-to-the-minute threat intelligence provided by experts from the Counter Threat UnitTM (CTU) research team, as well as global visibility that comes from protecting more than 4,100 clients in 61 countries. Red Cloak was initially developed to support the company's Targeted Threat Hunting and Response professional services teams.

"Historically, Red Cloak was used by our Incident Response (IR) team when it went out on IR engagements to uncover undetected malicious activity taking place in organizations' IT environments," said Aaron Hackworth, senior distinguished engineer with Dell SecureWorks' CTU team. "However, Red Cloak was so successful in rooting out the threat actors that our Incident Response clients insisted we leave the Red Cloak solution installed in their IT environment to alert them to any future malicious activity. Those successes are what drove us to enhance the solution and make it available to help organizations around the world fight stealthy cyber-attacks."

The Red Cloak solution is especially critical for catching attacks that don't use malware. Once inside a network, attackers are continuing to evade traditional endpoint security controls often by leveraging compromised credentials and tools native to the target's environment, such as remote access services, endpoint management platforms and other legitimate system tools. This tactic is called "living off the land," and was used to gain entry in more than half of the cyber-espionage incidents Dell SecureWorks responded to last year.

To give organizations the earliest possible warning of compromise, AETD Red Cloak's sensors search for forensic evidence of malicious activity while continuously collecting information about what is happening on the device, such as what programs are running, what commands are being executed, network connections, thread injection, memory inspection and more. The sensors send the collected data to the Counter Threat Platform, hosted off-premise, where it is analyzed using intelligence from Dell SecureWorks' CTU researchers to spot attacker behavioral patterns and threat indicators.

The solution blends multiple views of system activity to see beyond static indicators such as IP addresses and domain names and uncovers the behaviors and techniques of cyber adversaries. AETD Red Cloak has been deployed on more than 3,500,000 endpoint devices, including desktops, servers, and laptops.

Because AETD Red Cloak is a SaaS solution, it easily scales to meet the needs of a growing organization. Currently, AETD Red Cloak supports endpoints running the Windows operating system. Support for other operating systems is planned for the near future. The Security Analysis Team Cyber Threat Analysis Center will provide an electronic notification within 15 minutes of the determination that activity constitutes a security incident. Targeted or high-impact incidents are forwarded on to the Senior Intrusion Analyst Team, with a response guaranteed within 24 hours of the determination.

AETD Red Cloak builds upon Dell SecureWorks' endpoint security portfolio, which already features the endpoint monitoring capabilities of the AETD Carbon Black service. AETD Carbon Black provides strong malware detection capabilities and focuses on file execution, the system registry and network connections. It also includes an onsite management console.

AETD Red Cloak is currently available in the North America, Latin America, EMEA and the ANZ regions. Language support is only in English at this time.

@ThingsExpo - The World's Largest 'Internet of Things' Event, June 7-9 2016 at New York City's Javits Center!

Secrets of Sponsors and ExhibitorsHere
Secrets of Cloud Expo SpeakersHere

All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.

@CloudExpo / @ThingsExpo 2016 New York
(June 7-9, 2016, Javits Center, Manhattan)

@CloudExpo / @ThingsExpo 2016 Silicon Valley
(November 1-3, 2016, Santa Clara Convention Center, CA)

With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 7-9, 2016, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be.

Register for @CloudExpo/@ThingsExpo 'FREE' Before Friday! Here

Delegates to @ThingsExpo will be able to attend 14 simultaneous, information-packed education tracks.

There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.

Join @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 7-9, 2016 in New York City, for three days of intense 'Internet of Things' discussion and focus, including Big Data's indespensable role in IoT, Smart Grids and Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) IoT's use in Vertical Markets.

Your conference registration includes all 14 @CloudExpo / @ThingsExpo Tracks:

01 @CloudExpo: Enterprise Cloud Adoption
02 @CloudExpo: DevOps, Continuous Delivery and APIs
03 @CloudExpo: Mobility & Security
04 @CloudExpo: Containers & Microservices

05 @ThingsExpo: Big Data's Use in IoT & Analytics
06 @ThingsExpo: Smart Grids & Industrial 'Internet of Things'
07 @ThingsExpo: Show Me the Money! - IoT Developer Track
08 @ThingsExpo: Wearables & Consumer IoT

Hot Topics - Day 1:
09 @ThingsExpo: Vertical 'Internet of Things' Markets
10
@ThingsExpo: Identity in IoT, RTC & WebRTC

Hot Topics - Day 2:
11 @CloudExpo: Modern Data Centers
12 @ThingsExpo: Node.js & Event-Driven Architecture

Hot Topics - Day 3:
13 @CloudExpo: Cognitive Computing / Machine Learning
14
@ThingsExpo: Maker Movement & the IoT

Register FREE Before Friday! Here


A General Session, November 3-5, 2015 in Silicon Valley

@CloudExpo / @ThingsExpo 2016 New York
(June 7-9, 2016, Javits Center, Manhattan)

@CloudExpo / @ThingsExpo 2016 Silicon Valley
(November 1-3, 2016, Santa Clara Convention Center, CA)

Speaking Proposals Open
Fourth International @ThingsExpo, co-located with 18th International @CloudExpo - being held June 7-9, 2016 at the Javits Center in New York City, announces that its Call for Papers for speaking opportunities is open. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago.

Submit your speaking proposal today! ▸ Here

Sponsorship Opportunities Open
@ThingsExpo, June 7-9, 2016 at the Javits Center in New York City, is co-located with 18th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.

Sponsor and Exhibit at @ThingsExpoHere
Download Show ProspectusHere

Secrets of Sponsors and ExhibitorsHere
Secrets of Cloud Expo SpeakersHere

Show Me The Money!
How We Built and Scaled an IoT Platform and Business

In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu's platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).

Download Chris Matthieu Keynote Slide Deck: ▸ Here

@ThingsExpo Named the World's Most Influential IoT Media Brand

@ThingsExpo has been named the Top Most Influential Internet of Things'Media Brand' by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.'

Onalytica analyzed Twitter conversations around the IoT debate to uncover the most influential brands and individuals driving the conversation.

Intel and Cisco have been named the world's most influential IoT brands, followed by SYS-CON Media's global IoT event, @ThingsExpo as the world's most influential IoT media brand. [continued]

New York and Silicon Valley Sponsors and Exhibitors
During our last New York and Silicon Valley events, over 12,000 (audited) delegates registered and participated at @ThingsExpo, in the world's largest 'Internet of Things' event, colocated with @CloudExpo. Our conference delegates met with over 160 of the world's leading technology pioneers that were among the sponsors and exhibitors, including:


Our Demo Theater on the Expo Floor attracts more delegates than the entire conference of other events

Acision, Actifio, ActiveState, AgilePoint, AIC , Akana, AlertLogic, Ambernet, Amplidata, Apacer Memory America Inc., Appcore, AppDynamics, AppZero, Aria Systems, Arista Networks, Automic, Avere Systems, Axis Communications, B2CLOUD, Basic6, Bestwebdesignagencies.com, Bitium, Blue Box , BMC, BroadSoft, Brother , Bsquare, BUMI, CA, Inc., Calm.io, CenturyLink, Ciqada, CiRBA, Cisco, Cloudant, an IBM Company, Cloudian, CoalFire, CodeFutures, COLUMN Technologies, CommVault, connect2.me, Connected Data, CrashPlan/Code42, Creative Business Solutions , Cynny Italia S.r.l, Dasher, dcVAST, DEAC, Dell, DevOps.com, Distrix , DragonGlass, Dyn, Edgecast , ElasticBox, Emcien, Endstream Communications/Open Data Centers, EnterpriseDB, e-SignLive, by Silanis, Esri, Evident.io, FierceDevOps, FireHost, Genband, Gigamon, GoodData, Gridstore, Harbinger Group , IAPP, IBM, IDenticard Access Control, Imperva, IndependenceIT, Infor, InMage, Innodisk, Intelligent Systems, Isomorhpic , ITinvolve, iwNetworks, Ixia, iXsystems , Jelastic, Kintone, KOTRA , Liaison, Litmus Automation, MangoApps, Matrix.org, MediaTek Labs, MetraTech (now part of Ericsson), Microsoft, Navisite, Net Access , Nimble Storage, NuoDB, Inc., Objectivity, OMG, Open Data Centers, OpenCrowd, Optimal Design, Oracle, OutSystems, Parasoft, Peak10, Peer 1 Hosting, PluralSight, Plutora, ProfitBricks, PubNub, Quality Technology Services , Quantum, Qubell, RackWare , Rancher Labs, Red Hat, r-evolutionapp , RingStor, Robomq.io, SafeLogic, SAP, ScaleMP, Seagate, Secure Infrastructure & Services, Sematext , SendGrid , Serena Software, Sherweb, SimpleECM, Site 24x7, Smartvue Corporation, SOASTA, SoftLayer, an IBM Company, SoftwareAG, Soha, Solgenia, SPAN Systems, Spirent, StackIQ, Stateless Networks, Storpool, Stratogent, Stratoscale, Supermicro, SUSE, Tau Institute, Telecity, Telehouse, Telestax, The New York Times , The Vision Times, TierPoint, TMCnet, Transparent Cloud Computing Consortium, Tufin, Ulunsoft, Utimaco, VASCO Data Security, Veeam, Verizon Enterprise Solutions, Vicom Computer Services, VictorOps, Virtustream, VITRIA Technology, Vormetric, WHOA.com, Will Jaya, Windstream, WSM - Website Movers International, Zentera Systems, Zerto.


New York City June 2015 Expo Floor


Silicon Valley November 2015 Expo Floor

@CloudExpo / @ThingsExpo Has Been a Must-Attend Event for Ericsson
This week, the team assembled in NYC for @Cloud Expo 2015 and @ThingsExpo 2015. For the past four years, this has been a must-attend event for MetraTech. We were happy to once again join industry visionaries, colleagues, customers and even competitors to share and explore the ways in which the Internet of Things (IoT) will impact our industry. Over the course of the show, we discussed the types of challenges we will collectively need to solve to capitalize on the opportunity IoT presents. [continued]

About SYS-CON Media & Events
SYS-CON Media (www.sys-con.com) has since 1994 been connecting technology companies and customers through a comprehensive content stream - featuring over forty focused subject areas, from Cloud Computing to Web Security - interwoven with market-leading full-scale conferences produced by SYS-CON Events. The company's internationally recognized brands include among others Cloud Expo® (@CloudExpo), Big Data Expo® (@BigDataExpo), DevOps Summit (@DevOpsSummit), @ThingsExpo® (@ThingsExpo), Containers Expo (@ContainersExpo) and Microservices Expo (@MicroservicesE).

Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.

More Stories By Elizabeth White

News Desk compiles and publishes breaking news stories, press releases and latest news articles as they happen.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.