Secureworks announced the launched of Secureworks Taegis IDR, a new Identity Threat Detection and Response (ITDR) solution, setting a new industry benchmark of 90 seconds to discover identity related risks and misconfigurations, an issue that impacts 95% of organizations. The new proactively closes security gaps by leveraging advanced AI and machine learning, to automatically detect, prioritize and respond to identity-based threats across an organization’s environment and the dark web.
Identity remains one of the top three access vectors for ransomware and in the last three years, Secureworks Counter Threat Unit (CTU) has observed a 688% increase in stolen credentials offered for sale on one of the dark web’s largest marketplaces. Analysis of Microsoft Entra ID (formerly Microsoft Azure Active Directory) environments by the Secureworks Incident Response team has revealed that 95% are misconfigured, opening the door for cyber criminals to escalate privileges and carry out identity-based attacks. It’s clear that the risk around identity is the unsolved puzzle of cyber, creating opportunities for threat actors to exploit and cause havoc.
“Identity is the fuel of the cybercriminal ecosystem and today we’re cutting off their supply,” stated Kyle Falkenhagen, Chief Product Officer, Secureworks. “Taegis IDR constantly monitors an organization’s environment and the dark web to automatically prevent, detect, prioritize and respond to identity-based threats that bypass traditional identity security controls. Unifying identity protection with the latest threat intelligence, AI, and broad visibility across endpoints, cloud and other applications, Taegis IDR uncovers misconfigurations to improve identity security posture with speed and precision.”
Taegis IDR protects against 100% of MITRE ATT&CK Credential Access techniques, including kerberoasting, password spraying and brute force attacks. Taegis IDR includes the following capabilities:
- Reduces identity attack surfaces: Continuously scans Microsoft Entra ID environments to identify misconfigurations and security gaps.
- Decreases risk of leaked or stolen credentials: Monitors and alerts when credentials have been exposed in data breaches or on the dark web.
- Identifies risky user behaviors: Monitors for abnormal activity associated with the use of stolen credentials.
- Provides full visibility into identities: Within 90 seconds organizations have visibility of identities across systems, allowing teams to work effectively to address exposures before they can be exploited.
- Protects against identity-based threats: Detects credential compromise, insider threats, kerberoasting, password spraying, lateral movement, account takeover, brute force attacks and more before they can impact the business.
- Accelerates response to identity threats: Leverages automated playbooks to take immediate response actions including disabling a user, forcing a password reset, locking an account and revoking a session.
- Unifies ITDR and extended detection and response (XDR): Delivers comprehensive prevention, detection and response in a single cybersecurity platform.
