Guest

Cisco Cognitive Threat Analytics

Breach detection and analytics

Now you can automatically investigate suspicious web traffic. Cognitive Threat Analytics quickly detects and responds to attempts to establish a presence in your environment and to attacks that are already under way. All without additional hardware or software to deploy.

AS88216-100x80

Free Evaluation

Discover breaches in your environment today.

Sign Up Now

Features and capabilities

Stop threats in your network

More than 90 percent of attacks use the web for command-and-control communication. Yet employees visit thousands of websites every day without a thought to their legitimacy. Nor do they know what those websites might be serving up. Cognitive Threat Analytics analyzes anomalous web traffic. It pinpoints attacks before they can begin to exfiltrate sensitive data.

Rapidly detect threats

Threats can be botnets, rootkits, malvertising, or any other piece of malware. Most of them will attempt to establish a presence within an organization’s environment. Cognitive Threat Analytics detects advanced threats attempting to communicate with a command-and-control infrastructure, usually within 2 to 3 hours.

Endpoint Integration

The integration with AMP for Endpoints pushes CTA detection events into AMP for further investigation, giving you an added level of visibility and increased detections. Users gain visibility into devices where a connector cannot be installed, such as personal devices, BYOD, and critical servers, then see results from both systems in one place, reducing time to detection of new threats.

Stop data exfiltration

Many organizations must protect trade secrets or risk financial ruin. Cognitive Threat Analytics:

  • Identifies both the source and the destination of web traffic. It verifies the legitimacy of the destination, notes the size and type of information that is being returned, and checks what other domains are being communicated with.
  • Can detect the exfiltration of your most sensitive data, whether over HTTP, HTTPS, or even anonymous protocols such as Tor.

Drastically reduce investigations

By identifying confirmed threats, Cognitive Threat Analytics:

  • Eliminates false-positive alerts
  • Reduces the amount of time investigators spend determining the root cause of an incident
  • Helps your IT team quickly remediate threats and focus on running your business

Easily integrate with other technologies

Cognitive Threat Analytics:

  • Uses Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indicator Information (TAXII)
  • Integrates with existing security monitoring technologies, including security information and event management (SIEM) platforms
  • Automates responses with an established workflow

Specifications at a Glance

  • No software or hardware to deploy
  • Initial results within hours of baselining
  • Available as add-on license to Cisco Web Security Appliance, as part of Cisco Cloud Web Security Premium, or as a standalone solution that can analyze third-party proxy logs
AS89996-100x80

Protect against web-based threats

Learn how we helped a transportation company catch what its antivirus software missed.

Read case study
Data Sheets and Literature

Let Us Help