Secureworks Red Cloak Threat Detection and Response Overview

Secureworks Red Cloak Threat Detection and Response is the #5 ranked solution in top Security Incident Response tools. IT Central Station users give Secureworks Red Cloak Threat Detection and Response an average rating of 8 out of 10. Secureworks Red Cloak Threat Detection and Response is most commonly compared to Carbon Black CB Defense. The professionals who most often research this solution come from computer software companies, accounting for 34% of all views.
What is Secureworks Red Cloak Threat Detection and Response?

Dell is a part of the Dell Technologies family of brands. Dell Technologies is a unique family of businesses that provides the essential infrastructure for organizations to build their digital future, transform IT and protect their most important asset: information. The company services customers of all sizes across 180 countries – ranging from 98 percent of the Fortune 500 to individual consumers – with the industry's most comprehensive and innovative portfolio from the edge to the core to the cloud.

Secureworks Red Cloak Threat Detection and Response is also known as Red Cloak Threat Detection and Response, Red Cloak TDR.

Buyer's Guide

Download the Security Incident Response Buyer's Guide including reviews and more. Updated: November 2021

Secureworks Red Cloak Threat Detection and Response Customers

Ricoh

Secureworks Red Cloak Threat Detection and Response Reviews

RG
Solutions Architect at a computer software company with 51-200 employees
MSP
Top 5
Simple deployment with good reports and dashboard

Pros and Cons

  • "The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
  • "There are some automated network response portions that we want to turn up."

What is our primary use case?

I am a security consultant. I work for an MSSP, a managed service provider. I go in and evaluate what the deficiencies are. We don't sell any of these services. We're not a manufacturer, we're not a software company. We just help our clients implement the different technologies. If they don't have a SIM, we help them set one up if they need review scanning. We do pen testing, things like that. We originally started with this client as a pen test and then went on to security POS assessments, and from there, started making recommendations and we're going through that list of deficiencies.

Secureworks Red Cloak Threat Detection and Response is a SIM. It is monitoring an environment with three different business units. The business use case is that we just want a SIM that is not in-house, it's outsourced to Dell and they manage it for us, and they notify our IT staff as events are identified.

What is most valuable?

The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy.

What needs improvement?

In terms of what could be improved, there are a lot of things identified and there is a lot of continuous improvement. A lot of the things are of a short time frame and a lot are way out.

There was a tuning process but nothing specifically to call out.

As for what could be included in the next release, we are working on the basic feature set. There are probably some things that, as we move through it, we'll come across that are deficient but right now we are not that far along to know. I don't want to say that they could not do certain advancement. For example, there are some automated network response portions that we want to turn up, but we're not ready for that. I don't even know what the capabilities are there, but that's something that, probably in the next 24 months, we will move forward on.

What do I think about the stability of the solution?

In terms of stability, I work with the client so I don't own their systems, but from my perspective, running it is very easy.

What do I think about the scalability of the solution?

In terms of scalability, I don't know its limitations, but for where we have taken it, we started out with one business unit and we rolled it out to two other business units in a year's time. I thought that was pretty good.

All the endpoint management is with Red Cloak. That includes three business units, 13 sites, and a little over 2,500 endpoints.

It's pretty good in the scope of what we needed to do. We didn't have any issues with it, other than that you have to take time to set up all the feeds into it if you want to get all the logging. That was on our side, trying to work with a client or onboard all the different devices and feeds into it, from the applications to the API builds. It was straightforward, but we couldn't do it all at one time.

How are customer service and technical support?

In terms of their support, there were always things that were missing, some misconfiguration and stuff there, but that's normal. So nothing that stood out to be horrific or bad, it was all straightforward.

Which solution did I use previously and why did I switch?

All these solutions have their advantages. QRadar has a really cool portal. I'm most familiar with Splunk, so that's just familiarity but I wouldn't say it is a better interface, it's just more familiar to me. I don't have any criticism of Secureworks, which is fairly new for me.

How was the initial setup?

The initial setup was straightforward. They did the whole thing. You have to get all the feeds and the logging into it, so that took time, but it was not difficult.

What other advice do I have?

I always think it's great when a customer adds a SIM. But the thing is, all of them work really well. In terms of implementation, from a turn up standpoint, Secureworks was easier than some of the other ones I dealt with, so that was probably a good plus on their side.

On a scale of one to ten, I put Secureworks at an eight.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer