Cisco Security and OpenText

How OpenText and Cisco Security work together

OpenText™ EnCase submits files to Malware Analytics for dynamic malware analysis using the no-cost plug-in on EnCase AppCentral. The Firepower correlation and event rules engine can initiate EnCase remediation modules and hand event specifics to the EnCase management platform.

OpenText™ EnCase™ security solutions empower security analysts with comprehensive capability to detect, triage, investigate and respond to incidents quickly and completely. Providing mission-critical incident investigation, DFIR and EDR solutions, OpenText EnCase delivers solutions allowing organizations to tackle the most advanced forms of attacks on the endpoint, whether from external actors or internal threats.

Product Integrations

  • Secure Malware Analytics: Cisco’s Secure Malware Analytics (Threat Grid) Malware Analysis and Intelligence for EnCase® provides direct integration with Threat Grid, the first unified malware analysis and threat intelligence solution. After OpenText EnCase Forensic, EnCase Endpoint Investigator or EnCase Endpoint Security has identified an unknown threat on an endpoint, Threat Grid provides in-depth analysis and correlates the attack-related artifacts with all other known malicious activities to help analysts quickly investigate and determine if malware resides in other parts of the network or if the incident should be closed. The included browser extension can be used to search Threat Grid for suspicious processes, IP addresses, registry keys and domains from EnCase.
  • Secure Firewall: The Firepower Management Center correlation and event rules engine can be configured to initiate Remediation modules developed by OpenText and designed to hand event specifics to the management platform. OpenText can then automatically dispatch EnCase to an endpoint and perform "digital forensics" on the state of the impacted machine. This integration automates an otherwise manual task, saves analysts time, and minimizes impact.