Cisco Security and Certego

How Certego and Cisco Security work together

Certego is an innovative Managed Detection and Response Service Provider offering comprehensive, professionally delivered and cloud-based Computer Security Incident Response and Threat Intelligence Services.

Product Integrations

  • Secure Endpoint: With Certego Tactical Response for Cisco Secure Endpoint, endpoints are monitored by the Certego PanOptikon SOAR platform. When Certego IRT detects malicious activity on a specific host in the customer's network, it can isolate compromised hosts to block the attack, even without requiring the user to access the Cisco Secure Endpoint Console. Benefits include:

    - Reduce the time needed to contain a cyber security incident

    - Prevent additional attacks or infections

    - Lower the risk associated with ongoing incidents (e.g. by blocking resources related to further infection steps)

    - Reduce workload of the customer

  • Identity Services Engine/pxGrid: When Certego IRT detects malicious activity on a specific host in the customer's network, it can isolate compromised hosts to block the attack, even without requiring customer interaction. The customer should configure a dedicated policy in their Cisco ISE and then define the circumstances in which the Tactical Response is applied by Certego analysts (based on the incident's severity and other metrics). When Certego PanOptikon detects malicious activity that matches the rules of engagement, the involved hosts will be isolated automatically.