Jeevan ThankappanCan you tell us what the Sophos deal means to your customers and partners?
Absolutely. We see a great opportunity to build a broader, stronger security portfolio. There are mutual strengths that we can combine, and that’s the vision: to serve small, medium, and enterprise customers. At Secureworks, we’ve primarily focused on mid-sized to enterprise customers, whereas this deal leans more toward the SMB segment. Together, this gives us a full-spectrum capability to serve customers by leveraging our respective technologies.
Sophos has a leading channel partner go-to-market model and an exceptional partner ecosystem. In fact, when we first entered the market, many partners pointed to their model as one to emulate. While we’re still early in our journey—just over a year and some change—we see this deal as a way to accelerate our joint go-to-market approach.
I think there are a couple of key points. First, with this combination with Sophos, we should become the number two MDR player in the world. That’s not a small achievement—it’s significant for customers to know that we have the resources to invest in both our team and their development, as well as in the technology platform that supports them.
What would you say differentiates Secureworks in the XDR and now the MDR market?
What has always set Secureworks apart will continue to differentiate us. This includes the unique combination of a technology platform powered by 25 years of threat intelligence, the way we originally built the company—with some of the best security operations centers globally—and the third pillar: our advisory and consultative services. These services help customers mature their security programs over time and support them through various initiatives, such as acquisitions or adapting to other changes in their business.
These three elements remain central to our value proposition. With this combination, we’ve simply made them bigger, better, and stronger as we move forward.
Secureworks started in 1998. How has the vision evolved ever since the creation of Secureworks?
We started out by providing managed security services at a time when even the market didn’t fully understand what those were or why they were needed—unless they were a financial institution. Over the years, as threat actors began targeting organizations beyond government and financial institutions, the number of security products, point-prevention solutions, and security controls expanded significantly.
As Secureworks, we were leading the Gartner Magic Quadrant for services and managing an ever-growing number of point products. What we and our customers discovered was that it’s extremely challenging to scale and operate effectively across so many tools. Initially, we managed around 30 different leading controls, but that number eventually grew to over 300. This complexity led to the vision for building what we now call an XDR platform. The goal was to bridge the gap between security operations and automate workflows across all these technologies in an interoperable way for security purposes.
This vision culminated in the creation and launch of the Taegis platform in 2019. It was never about moving away from our security services heritage—it was about ensuring our services could stay ahead of evolving threat actors, especially in the age of AI and automation.
This is the age of AI. Do you leverage AI and ML within your platform as well?
Yes, we do. The Taegis platform was originally envisioned to address both the data challenges and opportunities in the security domain. We have a tremendous amount of data in the platform, which is utilized for training models for our proprietary detectors. It is also used to predict where threat actor attacks may occur.
The platform incorporates a risk-scoring model that leverages machine learning and statistical learning. Additionally, we utilize automation within the platform. As I mentioned, the dwell time for threats has dropped from five days to just 24 hours. This is due to the powerful, automated, and recommended response mechanisms, which ensure that actions are taken quickly and correctly the first time.
