Secureworks iSensor
The Secureworks iSensor® is a Network IDS/IPS that can be deployed as either a virtual or physical appliance within your network. It leverages Secureworks proprietary signatures to detect and prevent network-based threats in real-time. In addition, the iSensor automatically downloads Secureworks curated Threat Indicators (IP addresses and Domains) to identify malicious connections as they occur on your network. iSensor is a separately contracted feature that may be included with Secureworks® Taegis™ ManagedXDR.
The iSensor also continuously collects network telemetry that may be used in the following detectors:
- Domain Generation Algorithms
- Rare Program to Rare IP
- Stolen Credentials
- Tactic Graphs™ Detector
- Punycode Detector
- IP Watchlist
- Domain Watchlist
MITRE ATT&CK Category ⫘
MITRE mapping is based on the alerting signature.
Provided Data from Integration ⫘
- Alerts, NIDS, Netflow