We changed our name from IT Central Station: Here's why

What needs improvement with Secureworks Red Cloak MDR?

Please share with the community what you think needs improvement with Secureworks Red Cloak MDR.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
22 Answers

author avatar
Top 5LeaderboardReal User

Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured.

author avatar
Top 10Consultant

The solution could work on its simplicity. Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions. They do provide an engineer for the first few weeks to help you get things implemented, however, there's a lot of bells and whistles with Dell Secureworks. That's a disadvantage for smaller customers. With a lot of the other easier solutions available to smaller customers, you just stick a box in there and set it and forget. With Dell Secureworks it's more hands-on.

Find out what your peers are saying about Dell EMC, CrowdStrike, SentinelOne and others in Managed Detection and Response (MDR). Updated: January 2022.
565,689 professionals have used our research since 2012.