Ansys trusts Red Canary and Microsoft Defender experts for turnkey cyberdefense

Chances are that every modern device you touch was influenced in some way by Ansys, a leading provider of engineering simulation solutions. Engineering simulation is the magic launch pad for everything from cars and aircraft to hydroelectric facilities. Ansys also has ideas for using engineering simulation to combat climate change. “Our simulation solutions can help improve every clean energy technology you can think of,” says Dave Coughanour, Vice President of Cybersecurity at Ansys.

With its slogan, “Take a Leap of Certainty,” the engineering software company boasts a 50-year history of fearless innovation. Ansys trusts Red Canary to protect its most valuable assets—the engineering software and related solutions that launch cutting-edge inventions. The two companies chose Microsoft Security solutions to build proactive cyberdefense.

Overcoming the “tyranny of time”

Cybersecurity challenges do not rest. Ansys knows that as its workers on one side of the planet sleep, malicious actors on the other side could be launching attacks. And while the company has a significant workforce, hiring a round-the-clock security team large enough to handle the multitude of alerts that come in through the Ansys security incident and event management (SIEM) system didn’t pencil out. The highly specialized nature of the Ansys product line necessitates having its own small team, grounded in the contextual nuances of the business, so it can address highly specific types of threats. But the company needed help to defuse what Coughanour calls the “tyranny of time.” “We’ll never have enough people to cover all the hours of the day,” he explains. “The peace of mind we get from that expert, constant coverage helps us sleep better. That’s why Red Canary is so critical to our cybersecurity.”

Protecting customers end to end, 24 hours a day

Red Canary fills the gap for companies that have important IT investments to protect but can’t justify the major outlay necessary to staff a comprehensive security operations center (SOC). “Our customers put an incredible amount of trust in Red Canary,” says Seth Geftic, Vice President of Product Marketing at Red Canary. “We are an extension and an ally of their security team—we monitor their environment constantly, looking for everything from run-of-the-mill threats to sophisticated attacks that otherwise might slip through the cracks. We defend our customers relentlessly.”

The evolving threat landscape calls for constant vigilance and a sophisticated approach. “You don’t just need smart people to defend against cyberthreats—you need smart people looking in the right places,” explains Geftic. Red Canary’s intelligence team of experts augments its knowledge with automation—an approach that Geftic describes as “a service led by humans but powered by automation.”

The prevalence of false positives among the constant inflow of threat alerts (shown below) is a major part of the reason that it’s so costly to adequately staff a Security Operations Center (SOC. Red Canary combines the automation it has created with Microsoft solutions to correctly identify the needles in a digital haystack, freeing up its customers’ security teams to deal with threats they can’t outsource to an external company. The partnership reduces threat fatigue because Red Canary prioritizes real threats and provides “incident handlers”—specialized cyberdefense staff that walk a customer through remediation. “Most of our competitors either don’t offer this service, charge additional fees for it, or refer the customer to another vendor,” says Cordell BaanHofman, Red Canary’s General Manager of the Microsoft Security partnership. “It’s included as part of our service.”

That streamlined avenue to remediation also gives Red Canary customers the all-important advantage of speed. “The speed at which we can detect and remediate a threat can give our customers a huge advantage, as in the case of the Kaseya threat,” adds BaanHofman. “While the rest of the world was scrambling over their holiday weekend, our customers were enjoying their barbecues and relaxing because they were confident in the protection we gave them.”

That coverage and the peace of mind it gives customers is especially critical to Ansys, which has several different endpoints that create telemetry and alerts that can overwhelm a small security team, distracting them from subtle, but credible threats. As the chart below shows, sorting genuinely suspicious behavior and actual threats from the sea of threat data takes a process of continuous filtering. Red Canary uses its combination of human expertise and automated detection to cut through the onslaught, analyzing the correlations between events to confirm severe and imminent threats. For Ansys, that means enjoying more barbecues and expending less energy on false positives—less burnout for its security teams. And when Red Canary lets the cybersecurity team know that it is go time, they have the lead time, support, and tools to respond—or the option of asking Red Canary to respond on their behalf.

Safety in numbers, magnified by technology

Just as Microsoft Security solutions combine the vast trove of signals gathered from the estates of millions of customers to sharpen its Microsoft Defender solutions, Red Canary magnifies the advantage of threat intelligence gathered from its customers. Yet each customer’s privacy is preserved; they see only their own data. And because Red Canary and Microsoft share threat data, the expanded threat visibility benefits everyone. “All of our customers benefit from being part of a protected community,” says BaanHofman. “Our global view of the attack surface makes it possible for us to build and deploy detectors that block threats.” Adds Geftic: “We’re always working to speed detection and reduce mean time to respond. That’s how we limit risk to our customers, and to do that, we continue to increase the workloads we cover with Microsoft solutions.”

From Coughanour’s perspective, that means enhanced, proactive security. “We have the advantage of a global community with Red Canary and Microsoft,” he muses. “Our partnership gives us maximum visibility into cyberthreat trends and remediations.”

Building security with the Microsoft tool set

Ansys relies on Microsoft Security solutions, including Microsoft Defender for Endpoint and Defender for Cloud Apps, making Red Canary a natural MDR fit. “When Red Canary announced its Microsoft Defender support, it was a no-brainer for us because we had already instrumented our entire environment with Microsoft Defender for Endpoint,” says Coughanour. “The Microsoft platform is mind blowing, especially if you have E5 licensing,” he adds. “We’ve used Carbon Black, Tanium, and the Cisco FireAMP setup. The Microsoft stack is my favorite, especially for environments with strong cloud usage and Office 365. It includes Defender for Endpoint, which is baked into the operating system, and a good endpoint detection and response package.” For him, the connected platform is a key productivity amplifier. “Defender for Endpoint talks to everything else in the Microsoft stack. So, you can pivot from it and go straight into Defender for Cloud Apps for the cloud security side of the house, or to Microsoft 365 for the collaboration side of the house very easily. It’s a great platform.”

The Red Canary platform aligns strongly with the Microsoft Defender suite—the Red Canary team added its expertise to the development of the Microsoft Defender Experts for Hunting solution. “Microsoft’s commitment to its partners, to its customers, and to cyberdefense as a whole shows that they truly listened to feedback and aligned to that global need,” says BaanHofman. “We’re now much more positive that Microsoft Defender Experts for Hunting will add more value to our business. That’s why we decided to help Microsoft design it.” He expands on the value of the tightly coordinated tool set: “We absolutely need Microsoft Defender for our work. It’s a super powerful tool at the core of what we do.”

The collaboration between Red Canary and Microsoft continues. “Red Canary has witnessed that Microsoft has come the farthest the fastest of any security vendor that we worked with,” continues BaanHofman. “We have a leg up on threat hunting with the Microsoft Defender suite because we see the raw telemetry from our customers. No other single partner can give us visibility across such a wide spectrum of security workloads, from endpoint and cloud to identity and apps.”

Following a roadmap to success

Given the complexity of so many IT landscapes, BaanHofman knows that like Ansys, many customers with largely Microsoft estates may also have other solutions in place. Microsoft      interoperability with third-party solutions translates to unfettered opportunity for partners like Red Canary. “Working with Microsoft gives us a solid roadmap to add value for our customers,” he says. “As Microsoft expands and gives us future-looking tools and connection points, so grows our ability to support a greater share of our customers’ ecosystems.”

Despite the press about evolving threats, Coughanour is optimistic. “Cybersecurity is actually getting easier because today’s tools blow away those of 10 years ago,” he says. BaanHofman agrees. “The tools are more effective, and customers like Ansys who are mature in their approach add a multiplier effect.”

Red Canary continues to collaborate with Microsoft, looks forward to continued growth, and protecting more customers against threats. “Microsoft is far and away the best partner we could have to achieve all of our goals—they cover so many aspects of security,” concludes BaanHofman. “We’re strongly aligned with Microsoft in our mission to empower customers and protect against threats.”

Find out more about Ansys on Twitter, Facebook, and LinkedIn.

Find out more about Red Canary on Twitter and LinkedIn.