kras99 - stock.adobe.com
Dell Technologies launched new threat detection tools and services to bolster its security offerings as customers struggle to defend against an expanding threat landscape.
The new features and expansions to existing offerings were unveiled Wednesday with a focus on data protection, incident response (IR), attack recovery and supply chain security. In addition to addressing new security challenges amid the rapid move to hybrid work and the cloud, Dell said the launch also aimed to improve customer concerns related to existing products.
Dell held a media pre-briefing Monday with Matt Baker, senior vice president of corporate strategy; Mihir Maniar, vice president of the infrastructure solutions group, edge and security services portfolio; and J.R. Balaji, director of product management, to discuss the new initiatives. During the briefing, the speakers emphasized the ongoing problem that security poses to enterprises.
"Security is a huge priority for everyone. It's perennially at the top of every spending intention list, and it's something that our customers are grappling with every day," Baker said.
Customer concerns paint a chaotic and complex threat landscape that is significantly vast, Baker said, and ransomware continues to cause business disruptions and threaten data integrity. Meanwhile, Maniar highlighted how fragmented the security market has become.
On the endpoint security side, enterprises primarily have challenges securing data, applications and devices, particularly due to the growing hybrid workforce. Breaches now happen at both the software and hardware level, Balaji said.
To address the ongoing challenges, Dell launched Managed Detection and Response (MDR) Pro Plus, a fully managed security operations service; extended its threat management capabilities with the addition of CrowdStrike Falcon response services; expanded its Secured Component Verification (SCV) offering to the cloud; and introduced a new service to protect critical data for the recovery process following a cyber attack.
The Product Success Accelerator (PSX) for Cyber Recovery service is designed to make it easier for customers to implement a Cyber Recovery vault and prioritize the most sensitive and critical data.
"We hear quite frequently [that] the challenge of what to put in the recovery vault is one of the biggest ones -- the designing process," Baker said during the briefing. "The [Product] Success Accelerator for Cyber Recovery service will help solve for this issue by providing a more isolated recovery vault to protect critical data and maintain business continuity in the event of a security incident."
For MDR Pro Plus, Dell added vulnerability assessment capabilities that cover customers from endpoint applications to the cloud. A significant aspect is how it can help enterprises prioritize patching certain vulnerabilities, which pose an ongoing problem as threat actors increasingly exploit zero days and known vulnerabilities.
Another top takeaway that Maniar highlighted was the inclusion of Incident Recovery Care, a proactive IR offering. Within two hours of a breach occurring, Dell will make initial contact with the customer to then engage in recovery services. Customers will now have the option of using CrowdStrike as well.
The expanded response and recovery offerings were designed to support Dell customers' zero-trust transitions, an architecture that vendors and security experts increasingly recommend. In addition, Maniar said the new PSX offering is targeting midmarket customers as well as enterprises that have a skill shortage and must implement zero-trust security on their own.
Supply chain security was also an important topic addressed at the briefing and highlighted by widespread attacks such as the SolarWinds breach. Balaji introduced a new cloud-based version of Dell's SCV service that provides additional security to verify that PCs and devices are delivered exactly as they were ordered and built from the factory.
This works through a certification process where security and IT teams can verify that the components are valid. Dell will create certificates of all critical components and store them in a cloud environment, and then enterprises can verify upon delivery. The new cloud-based version aims to meet the needs of global customers, including the federal customers, Balaji said.
Dave Gruber, an analyst at TechTarget's Enterprise Strategy Group (ESG), said SCV on Cloud is an elegant offering compared with other monitoring-centric approaches to validating secure configuration.
As for MDR Pro Plus focusing on proactive security, Gruber said all five of the services Dell is now offering -- 24/7 managed detection, penetration testing, attack simulations, cybersecurity training and proactive IR services -- are also being added by other MDR firms, solidifying the importance of those functions and the common challenges organizations have in operationalizing them.
One major challenge for Dell that Gruber highlighted was PSX for Cyber Recovery.
"ESG research identifies that most organizations are ill prepared in this area, despite investing in data protection solutions," he said.
The problem, he said, is that most organizations' data recovery programs were built for non-cybersecurity use cases. In the case of cyberthreats, enterprises need to orchestrate a recovery plan that prioritizes critical data while keeping the business operational.
During the briefing, Dell highlighted problems with ransomware recovery and the threat of attackers leaking stolen data. Similarly, Pund-IT analyst Charles King told TechTarget Editorial that the growing number of ransomware events tied to data breaches has increased the importance and need for improved data recovery.
"Data recovery can't address every part of a ransomware attack, like the public release of sensitive or proprietary information, but it can enable a business to get up and running, and also help to minimize financial losses," King said.
King also said he was most impressed with the sheer scope of Dell's new offerings and services, which are extended across commercial client devices and cloud workloads. He referred to them as "crucial, often vulnerable points" for enterprises that support highly distributed IT environments, such as a remote workforce.
Both Gruber and King believe the vulnerability assessment and prioritization services now offered will help enterprises tackle patching problems. Time and time again, threat actors exploit known vulnerabilities to compromise enterprise environments.
While Gruber said most organizations have already implemented vulnerability assessment programs, Dell's will help with the analysis, investigation and prioritization, which should lead to more timely patching.
King agrees it could help if used in conjunction with attack simulations and penetration testing, which are also included in Dell's new security offerings.
"Successful security is not a static process. It needs to evolve at the same or faster pace than cybercriminals and other bad actors," King said.
Dell MDR Pro Plus is globally available, though Incident Recovery Care is available only in North America. Dell PSX is available in North America. Dell SCV on Cloud will be available globally in May.
Arielle Waldman is a Boston-based reporter covering enterprise security news.