SecureWorks threat intelligence and what it can do for your enterprise
Expert Ed Tittel examines the features and capabilities of SecureWorks, which gathers its intelligence from thousands of SecureWorks global customers.
SecureWorks Inc. is a Dell spinoff that offers global threat intelligence and targeted threat intelligence to customers, along with malware analysis, reverse engineering, managed security, security and risk consulting, incident response, and cloud security.
SecureWorks Global Threat Intelligence is a generalized, or nontargeted, threat intelligence service developed by the SecureWorks Counter Threat Unit (CTU) research team. Intelligence is based on threat data collected across thousands of SecureWorks global customers, which is then filtered and analyzed by CTU security researchers.
SecureWorks customers use this intelligence to understand the landscape of emerging threats; threat actors and their evolving tactics, techniques and procedures; known, but significant, threats; and newly identified vulnerabilities. Intelligence reports include guidance for customers to take the appropriate actions to secure their environments.
SecureWorks Targeted Threat Intelligence, on the other hand, can be tailored to a customer's environment, organization (brand) and executives to identify potential threats and threat actors that represent a probable risk.
Enterprise Brand Surveillance provides ongoing, real-time monitoring of information outlets to identify threat actors targeting a particular organization. Information Briefs and Threat Profiles are one-time reports that show the type of information an attacker could gather at a point in time about an organization and/or its management.
SecureWorks intelligence services also include regular intelligence summary reports, emerging threat bulletins and live threat intelligence webinars.
Regarding CTU support, customers may request threat and vulnerability information from CTU researchers, who typically respond within one day of the request. The CTU can also provide custom malware analysis.
Customers of SecureWorks threat intelligence can access intelligence information, data feeds and more through a SecureWorks customer portal. The portal features several dashboards that display the number of relevant events by severity, customer event analysis, a source countries map, business risk trends and more.
SecureWorks threat intelligence data feeds
Global Threat Intelligence offers three types of data feeds on a subscription basis:
- The vulnerability feed includes detailed descriptions and recommendations to address current vulnerabilities.
- The threat feed includes in-depth analysis of emerging threats, including malware analysis of Trojan horses, rootkits, worms, etc.
- The advisory feed includes strategic security reports about significant events, attacks and threats, along with actionable recommendations.
Customers may receive data feeds in STIX, CSV or XML format.
SecureWorks threat intelligence typical customer
SecureWorks supports customers of all sizes and across all industries, such as government, financial services, healthcare and retail. The SecureWorks threat intelligence customer base includes small to midsize businesses, large enterprises and Global 500 customers.
SecureWorks threat intelligence pricing and licensing
SecureWorks offers a range of threat intelligence tools, which are priced depending on customer need and scope of service. For example, customers can choose to subscribe to an ongoing service or opt for a point-in-time service, if needed.
Annual subscription pricing for SecureWorks threat intelligence services begins at about $2,000, and can increase to over $200,000 for high-profile, large enterprises or agencies. In addition, customers can purchase add-on services that provide a deeper analysis and level of support from the CTU.
SecureWorks threat intelligence support
Customers can contact SecureWorks via phone or email for assistance with the customer portal, or to report an incident or vulnerability.
Dig Deeper on Risk management
-
![]()
The Security Interviews: Rebecca Taylor, SecureWorks Counter Threat Unit
By: Alex Scroxton
-
![]()
ALPHV/BlackCat operation down, but maybe not out
By: Alex Scroxton
-
![]()
Ransomware dwell times now measured in hours, says Secureworks
By: Alex Scroxton
-
![]()
Cyber world hails downfall of Qakbot trojan
By: Alex Scroxton
