Cisco Security and Cybereason

How Cybereason and Cisco Security work together

Cybereason and Cisco have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Cisco ISE, Firepower NGFW, ASA Firewall, AnyConnect VPN, Umbrella Firewall, Email Security, and Umbrella DNS & Web Gateway can be fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

empow is now part of Cybereason.

Product Integrations

  • Cisco XDR: Within Cisco XDR, Cybereason users can use the integration for threat hunting and investigation, as well as rapid response actions, to understand and defend against threats on the endpoint.
  • Use the Cybereason integration to search for security detections involving specific hostnames, host GUIDs, or filenames. Cybereason can also be used through Cisco XDR to isolate hosts from the network and block file hashes on endpoints.
  • Note: This integration requires the Cisco XDR Advantage or XDR Premier licensing tier.
  • Secure Malware Analytics: Cybereason's empow is a prescriptive security analytics and orchestration platform. The empow integration with Cisco products correlates alerts from network sensors, such as Firesight IDS or the Malware Analytics sandbox, as well as alerts from other tools, into attack stories.
  • Secure Endpoint: Cybereason's empow Security Abstraction Platform is a prescriptive security analytics and orchestration platform, integrating with Secure Endpoint.
