Dell has strengthened its security portfolio with new threat detection and recovery tools designed to help customers combat an ever-evolving security landscape. Unveiled Wednesday, these capabilities address data protection, incident response (IR), attack recovery and supply chain security.
Dell’s managed detection and response service, MDR Pro Plus, pairs its security expertise with the Secureworks Taegis XDR software agent to offer 24×7 security support to security operations teams. Additionally, it expands threat management capabilities with CrowdStrike Falcon; provides cloud-based component verification for Dell commercial PCs; and introduces a service that protects critical data during cyber attack recovery.
Managed Detection and Response (MDR)
Detecting threats in today’s security environment can be a daunting challenge, particularly as the number of cyberattacks grows. According to a study from Ponemon Institute, organizations take an average of 191 days to detect and contain cybersecurity incidents – time that could better be put towards other aspects of an organization’s business.
To effectively block these attacks, you need a comprehensive strategy that keeps up with the latest threat detection methods and technologies. That is where Managed Detection and Response (MDR) comes into play.
These solutions combine technology and security expertise, along with analytics, to offer threat detection and response recommendations in cloud, hybrid, and on-premises environments. To do this, they analyze security information and event management (SIEM) data, logs, events, networks, endpoints, user behavior as well as threat intelligence to stay ahead of attackers and respond promptly when attacks take place.
MDR vendors also employ human experts who monitor alerts and act on them immediately, decreasing the mean time to respond (MTTR). This is especially beneficial for organizations with large multi-site networks that lack the staff or resources required to keep an eye on everything 24/7.
Most MDR solutions come with a team of analysts who have extensive expertise and skills and are equipped to detect and address threats. This makes MDR services more reliable than other options like managed security service providers (MSSPs), which only supply tools.
Many MDR services also have dedicated teams that specialize in specific types of attacks, like phishing or ransomware. These teams are skilled at recognizing exploits that may target your organization and taking steps to prevent future incidents from taking place.
Selecting the ideal MDR vendor is essential for protecting your company’s sensitive data. Look for a provider with an established reputation and experience working with businesses similar to yours, and check references and online reviews before making your final decision.
Ask what processes the vendor will employ to remediate the data in your system when an incident is detected. Furthermore, ensure you can reach your MDR team 24/7 to report issues and receive support.
A reliable MDR vendor should have a single, central console to manage all alerts and issues in the customer’s environment. This enables the MDR team to efficiently hand off work to internal security teams without slowing down response times or creating new points of friction.
MDR vendors are highly trained at recognizing and responding to new threats, so they should be able to detect a wide range of vulnerabilities – even those you may have overlooked or never noticed before. Furthermore, they should have access to up-to-date threat intelligence databases so they always have the latest data about current threats.
CyberSense for Dell PowerProtect Cyber Recovery for AWS
Dell is expanding its security portfolio with new threat detection and recovery tools designed to assist organizations in combatting ransomware attacks. It has released CyberSense for Dell PowerProtect Cyber Recovery for AWS, which allows customers to monitor files hosted in the cloud and identify the last known uncorrupted copy of data for faster recovery, and which provides machine learning and forensic tools for investigations.
CyberSense, now available on AWS Marketplace, utilizes adaptive analytics, metadata and machine learning to proactively monitor files and databases and detect if a cyberattack has taken place. It also allows companies to complete files faster by scanning metadata for malicious content – speeding up the search for malicious files, malware and suspicious activity, according to Dell.
CyberSense is designed to facilitate data recovery from cloud environments: it detects and restores the last known uncorrupted copy and locates the original backup source to help safeguard restored information. It can also be used for damage assessment, forensics work, eDiscovery needs and other services.
In addition to CyberSense, Dell has released Product Success Accelerator (PSX), a managed service for cyber attack recovery on AWS. PSX provides customers with three levels of support – Ready, Optimize and Operate – throughout the duration of their subscription.
Dell’s Incident Recovery Care team also offers quarterly assessments, recommendations and restore simulations as part of a package offered at pay-per-use rates that can be deployed by both existing customers as well as new ones.
Dell’s response to the growing need for data security from endpoints to core and across all clouds is an excellent illustration. Additionally, it shows how Dell is capitalizing on existing partnerships with cloud providers in order to expand its multicloud offerings.
The Dell PowerProtect Data Manager Appliance is a revolutionary system designed to make data security an accessible reality. It features software-defined architecture that automates asset discovery and protection, plus unique VMware protection that guarantees all VMs remain up and running without any business disruption.
As a comprehensive data management solution, the debut system supports numerous use cases and scales from 12 to 96 terabytes. It offers an intuitive unified user experience for data management, replication, and disaster recovery tasks.
Dell is also integrating its Data Domain software with CrowdStrike’s Falcon security platform for enhanced safeguards and response against threat attacks, according to Balaji. This integration offers advanced data encryption, file integrity monitoring, phishing protection and other tools designed to shield users against malware attacks and other cybercrimes.
Dell is expanding its strategic cybersecurity partnerships with some of the world’s largest public cloud providers, such as Amazon Web Services and Microsoft Azure. Additionally, it has formed a strategic alliance with Snowflake, which offers cloud-based analytics for on-premises data. Together, these partnerships will enable joint customers to use Snowflake analytics with on-premises object storage, which can be backed up to Dell’s own storage arrays or external vendors’ clouds.
Dell EMC Cyber Recovery
Dell is expanding its security portfolio with new threat detection and recovery tools to protect customers’ data and business processes. The company unveiled CyberSense technology, the Dell PowerProtect Cyber Recovery service, and software for storing isolated copies of key data in a hardened vault from which they can be automatically restored in the event of a ransomware attack.
CyberSense technology adds an intelligent layer of protection to the PowerProtect Cyber Recovery solution, automatically detecting and replacing corrupt files. Utilizing statistical-driven machine learning techniques as well as full content indexing, this software scans for signs of corruption or other data integrity threats so as to identify potentially compromised files before they cause irreparable harm.
PowerProtect Cyber Recovery’s existing capabilities combined with CyberSense create a formidable barrier against ransomware and destructive cyber attacks. This new tool also features automation, workflow and security analytics features that guarantee gold copies of critical data are preserved yet accessible, enabling business processes to resume quickly after an attack.
CyberSense also adds an extra layer of protection for data stored in the Cyber Recovery vault: it uses Index Engines’ CyberSense analytics to automatically detect signs of potential ransomware corruption and provide automated forensic data restoration.
CyberSense can also serve as a testbed for potential remediation efforts by detecting and replacing malicious files with their last known good copy. This capability is especially valuable in an era of increasing ransomware activity and data loss, according to Dell EMC.
CyberSense will also notify Dell EMC and its ecosystem partners of an impending attack, expediting forensics and damage assessments as well as helping remove malware before it causes further disruption to a customer’s business operations.
The company is currently promoting this new offering through its channel partner program. It is currently available in the United States and will be expanding into other regions later this year.
Dell is offering customers managed detection and response (MDR) services as part of its overall security strategy, including vulnerability management, penetration testing, breach simulations and employee cybersecurity training. Dell hopes to drive MDR as-a-service sales by partnering with customers’ IT teams to manage these solutions and reduce the burden placed upon them.
With its MDR offering, Dell has released a new version of PowerProtect Cyber Recovery that is now accessible on Microsoft Azure. This marks the first time the product has been deployed on a hyperscaler platform; previously it was only accessible with Dell hardware or through private cloud service provider Faction.