Secureworks Taegis NDR identifies malicious activity on the network
Secureworks released Secureworks Taegis NDR to stop nefarious threat actors from traversing the network. The dominance of cloud applications and remote working has created an explosion in network traffic, up over 20% from 2023 to 2024.
Adversaries are taking advantage of these increased volumes to slip past defenses. Taegis NDR leverages AI to uncover hidden threats, integrating threat prevention, detection and response to halt malicious activity on the network.
Secureworks data, as measured across the company’s global customer base, shows that Taegis NDR can block 99% of malicious activity identified on the network. With threat actors obfuscating their behavior, legacy network controls such as IDPS and firewalls are no longer able to keep pace or offer sufficient protection against evolving adversarial tactics.
Organizations need a multi-layered cybersecurity strategy. Taegis NDR provides a complete picture of all internal traffic moving between endpoints as well as traffic entering and exiting the network at the edge. This visibility is crucial to identifying the presence of threat actors and how they are moving within the network.
When integrated with the Taegis XDR platform, NDR correlates telemetry across different threat vectors to detect adversarial behavior that would otherwise be analyzed in silos and potentially missed.
“Taegis NDR empowers us to proactively mitigate cyber risks to our business,” said Steve Hey, SVP of Information Technology, Infrastructure, and Operations, National 9/11 Memorial & Museum. “It adds an extra layer of intelligence that fortifies our cyber defenses. When Taegis NDR sends us an alert, I know there’s an issue so I can quickly assign my resources to tackle it and protect our business.”
Managed centrally in the Taegis Platform, Taegis NDR is updated continuously with curated countermeasures based on global real-world threat intelligence to protect customer networks from the latest attack vectors. Its AI engine analyzes network traffic for anomalous application and port usage, identifying potential internal and external threats before they can cause harm, such as data exfiltration or ransomware attacks.
Automated response actions fuel faster and more accurate response times. Lastly, customers don’t have the burden of managing endless rules and signatures, saving them time and resources that can be deployed elsewhere.
“Network-connected devices represent an opportunity for cyber criminals, as few organizations have the central governance, and strong policies, to ensure 100% up-to-date coverage at the endpoint. Threat actors continue to develop stealthy and evasive techniques to enter networks that, if not detected, inflict serious operational and financial damage on an organization,” said Kyle Falkenhagen, CPO, Secureworks.
“Companies need a layered cybersecurity defense, but many lack the resources and expertise to execute on this strategy. Taegis NDR solves this challenge, optimally delivering reliable network protection. By integrating into the Taegis platform, we can provide partners and customers with a more streamlined and cost-effective, yet holistic, solution for reducing their cyber risk,” added Falkenhagen.
Generally available now, and fully integrated with the Taegis platform, key features of Taegis NDR include:
- The flexibility to inspect all network traffic and choose to block immediately or be alerted to malicious traffic.
- The ability to continuously analyze network telemetry with deep packet inspection (DPI), without impacting network performance.
- 24/7 protection leveraging global real-world threat intelligence and expertly tuned countermeasures from Secureworks Counter Threat Unit (CTU).
- Anomalous application and port usage detection powered by an AI engine.
- Full device management, eliminating the burden on in-house teams, as it includes all updates and patches as well as hardware and software refreshes.
- Detailed change reporting that reflects daily management of the countermeasures applied to secure the network, helping organizations comply with audit requirements.
- A daily audit of NDR detections and emergency detection updates for urgent situations.
- The capability to be deployed both physically and virtually based on customer needs and budget.