SecureWorks Corp.

11/05/2024 | News release | Distributed by Public on 11/05/2024 08:18

Covering All the Security Bases in Your Microsoft Ecosystem

Microsoft E3 offers some basic security capabilities, but it doesn't go far enough to protect your organization fully in today's complex and evolving threat landscape. Secureworks helps organizations plug these gaps, integrating seamlessly with the Microsoft ecosystem for full visibility across the entire attack surface. This spans the endpoint, network, identity, cloud, and email - and other business applications - combining everything in a single view and layering on superior detection and response actions.

If you are a cybersecurity leader committed to holistic prevention, detection and response across your modern hybrid environment, the following key steps will help you cover all the bases:

  1. Complement your existing E3 Native Defender NGAV capability with endpoint detection and response (EDR).
  2. Ensure near real-time detection of identity risks, as well as swift response capabilities on top of your Microsoft Entra ID environment.
  3. Leverage telemetry and signals from your Microsoft environment (Active Directory, Entra ID, Office 365) and cross-correlate these with your broader IT landscape (network, third-party cloud providers, security tooling, OT, etc.).

Filling the gaps in your E3 environment

The Microsoft E3 license provides a basic security foundation with NGAV and limited identity detection, but it still leaves critical areas exposed. To close these gaps and optimize your E3 license, you need to consider:

  • 40% of the threats come from the endpoint, so an EDR solution is essential to complement your existing NGAV.
  • The remaining 60% of threats come from other technologies (network, identity, email, and others), so you need a holistic, correlated view across all of your threat vectors.
  • Activities such as investigation, forensics, incident response, and even machine learning rely on the existence of data. To successfully address these foundational security tasks, you need a minimum of 12 months' storage.
  • 79% of data breaches are identity related. Identity detection and response should be part and parcel of your security strategy.
  • Handling 24/7 monitoring, incident response, forensics, and threat hunting proves a struggle for most organizations. The best way to streamline your detection and response efforts is with MDR services.
  • Responding to threats effectively requires a high degree of specialization and many organizations struggle to handle incident response, forensics, and threat hunting in house. You need to be able to defend your environment despite staffing and skills limitations.

In conclusion, security leaders should be looking for an approach that complements their existing E3 investment to drive better security outcomes. This means bridging the gaps identified above and bringing everything together in an integrated threat intelligence platform with built-in detection and response.

Enhancing the E3 experience with Secureworks® Taegis™ XDR

Taegis XDR integrates seamlessly with the E3 ecosystem, extending your defenses beyond Microsoft's native capabilities. Here's how the unified platform optimizes your E3 security:

  • Seamless integration with Microsoft's on-premises Active Directory, Azure Cloud, and E3 features such as Entra ID, Office 365, Defender NGAV, and more
  • Detection and response in concert with, and beyond, the Microsoft ecosystem
    Native E3 tools like NGAV and Office apps work in tandem with Taegis, which also enables free ingestion of third-party security telemetry.
  • A built-in EDR agent that runs side by side with Defender NGAV
  • Reduction of your identity attack surface by monitoring Entra identities and configurations, shrinking the Entra attack surface, and correlating identity risks across your entire landscape
  • Actionable threat intelligence that adds context to Microsoft telemetry, highlighting potential signs of threat actor behavior within your Microsoft environment
  • Out-of-the-box response playbooks that work across your Microsoft ecosystem, as well as the wider IT environment

Taegis XDR also simplifies security operations, reducing the need to engineer and maintain individual detection use cases for the Microsoft environment (as well as the broader ecosystem). It achieves this through:

  • Out-of-the-box threat detection and TTPs (Tactics, Techniques, and Procedures)
    With no need for complex configuration, Taegis comes with thousands of pre-built detections, reducing false positives and ensuring analysts spend their time actively defending your environment.
  • Continuous updates to address evolving threats
    Taegis XDR provides real-time threat updates, ensuring your defense posture adapts as threat actors change their tactics.

Maximum value and security

While Microsoft E3 offers a robust starting point, it may not provide all the security coverage your organization needs. Additionally, Secureworks service provider partners use Taegis to fill gaps in the attack surface. By extending detection and response beyond Microsoft's core security functions, you get maximum value from your E3 investment, while all the time protecting your hybrid environment.