Cisco Cyber Threat Defense

Cyber Threat Defense Overview

An advanced threat detection and response system.

Protection from Advanced Threats Starts Here

Advanced security threats can penetrate your network and persist for months or more. These threats can operate below your radar while stealing vital information and disrupting operations. Cisco Cyber Threat Defense (CTD) provides a Cisco-validated framework of best-in-class tools that accelerates your implementation of an advanced threat detection and response system.

Cyber Threat Defense exposes advanced threats using the following automated capabilities:

  • NetFlow analysis—Identifies suspicious network traffic patterns inside the network
  • File analysis—Performs reputation scoring and dynamic analysis of files traversing the network
  • Deep-packet inspection—Identifies exploits that can lead to system compromise
  • Log analysis—Uncovers stealthy activity that may be spread across days, weeks, or months

Once exposed, advanced threats can be mitigated using:

  • Restricted access for compromised devices to network resources
  • Dynamic inline blocking
  • Endpoint-based remediation

Through Cyber Threat Defense, security analysts gain visibility and control over advanced threats. Specifically, the solution is designed to:

  • Detect network reconnaissance, including network probing that aims to identify attack vectors
  • Block known threats that are potentially part of a larger coordinated attack
  • Detect and block Command and Control (CnC) traffic between the attacker and compromised internal hosts
  • Track and remediate internal malware propagation aimed at gathering information and disrupting operations
  • Continuously monitor assets for indications of compromise

Solution Components

The Cyber Threat Defense solution is built on the following components:

Additional Resources

Let Us Help

Detect, Mitigate Advanced Threats

Get technical guidance for Cisco Cyber Threat Defense (CTD) from the Cisco Support Center.


Cisco 2015 Annual Security Report

Learn how attackers profit from gaps between defender intent and action.
