Taegis Health Check
Service Overview
Periodically, you may want to understand how well you are leveraging your Secureworks® Taegis™ platform and how your automated processes, custom rules, reporting, and technology integrations are benefitting your security posture. The Taegis Health Check focuses on your XDR tenant and provides actionable recommendations to drive better platform adoption and maximize value from your investment.
The Taegis Health Check provides a complete tenant overview, but chiefly focuses on three key areas of operation:
Data Ingestion
Data Collection Overview
XDR searching and alerting capabilities depend on data ingested from your assets and cloud services. This data needs to be normalized and parsed in line with our detailed requirements to ensure correct schema alignment. In this module, we analyze the integration and asset data coming into XDR and provide feedback when we observe sub-optimal data ingestion practices, so that you can be confident that your event data is maximizing XDR detection possibilities.
Automations
Investigation Count, Rate & Resolutions
Through our engagements with our customers, we know that many Security Operations Centers are resource constrained. To reduce the potential impacts of this challenge, process automation and proactive responses are a core feature of XDR. In this section of the Health Check, we analyze the current utilization of the playbooks and connectors in your tenant and provide actionable feedback as to where improvements can be made. We will also recommend additional automations that would benefit you, based on your integrated assets as well as alert trends and investigation handling.
Customizations
Every business has its own use cases, which can be linked to regulatory requirements or internal security needs. To support these needs, XDR provides multiple opportunities for customization, including:
- Custom rules for business-defined use cases
- Custom parsers to normalize and parse data from currently unsupported data sources
- Custom automations providing proactive responses or enrichment and notification of SOC processes
- Auto investigations to promote alerts of interest to SOC personnel
- Service, platform, and operational reporting
To ensure that you are using these important features optimally, we analyze and document your use of these areas and provide actionable, best-practice recommendations for enhancement.
Report Delivery
Key SOC Metrics Overview
Once all of the modules have been analyzed, we will create a report and present our findings to you for discussion. The report will provide an overview of the perceived tenant health aligned to the three core areas and the observations and recommendations for each area. All of our recommendations are actionable, meaning that changes can be made within the tenant to immediately improve and enhance your XDR experience.
Enhancement Session
The final element of the Health Check is the Enhancement Session. This three-hour session will look to implement as many of the recommendations made within the report as possible to enhance your XDR experience. Typical outcomes from these sessions can include:
- New asset or integration onboarding assistance
- XDR standard playbook creation
- XDR custom rule or report creation
- Ad-hoc training on XDR-related topics
Scheduling and Booking Information
To find out more or to book a Taegis Health Check, contact your Account Manager or Customer Success Manager.