Dell SecureWorks, an industry leader in information security services, is expanding its incident response (IR) services to counter the growing severity and frequency of breaches. Many organizations aren’t equipped internally to plan for and respond to today’s increasingly sophisticated, targeted threats from cybercriminals, hackers and nation states. Dell SecureWorks’ highly skilled responders and digital forensic experts can be rapidly activated to contain, eradicate and remediate security breaches.
Retired Col. Jeffery R. Schilling, Director, Incident Response, Dell SecureWorks (Photo: Business Wire)
Led by Col. (Retired) Jeff Schilling, former director of the Army's Global Network Operations and Security Center (AGNOSC) under the U.S. Army Cyber Command, Dell SecureWorks’ IR team leverages global intelligence from the company’s Counter Threat Unit™ (CTU) and Security Operations Centers (SOCs) to resolve complex, large-scale and highly sophisticated threats. Dell SecureWorks’ security solutions help organizations stay abreast of emerging threats, proactively fortify defenses, continuously detect and stop cyber-attacks, and recover quickly from security breaches. The expanded IR service portfolio includes:
- Advanced Threat Preparedness Assessment service assesses organizations’ capabilities to resist, detect and respond to an attack by an Advanced Threat actor. The detailed review evaluates Organizational Intelligence Capabilities, Policy and Documentation, Technical Capabilities, and Personnel Management.
- Denial of Service (DoS) Preparedness Assessment services will help organizations understand their abilities to withstand Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, and are designed to ensure they have a tested response methodology in place. The services include capabilities reviews, tabletop exercises and DoS/DDoS stress testing under real-world conditions.
- Advanced Threat Tabletop Exercises evaluate an organization’s ability to respond to a targeted attack. Tabletop exercises incorporate intelligence on the Tactics, Techniques and Procedures (TTP) of targeted actors such as cybercriminals, “hacktivists” and nation-states to heighten operational learning. These exercises ensure IT incident response teams practice documented response procedures, and highlight gaps or issues with their Computer Security Incident Response Plan (CSIRP).
The CTU is currently tracking the following threat indicators:
- 2,200-plus Advanced Persistent Threat (APT) domains
- 23,800-plus APT Command and Control (C2) sub-domains
- 1,300-plus hardcoded APT C2 IPs
- More than 300 APT malware families