Cisco Security and Recorded Future

Recorded Future provides accurate and actionable intelligence at scale, delivered in real time. It combines automated analytics with human expertise to unite an unrivaled variety of open source, dark web, technical sources, and original research. By dynamically categorizing, linking, and analyzing intelligence in real time, the platform delivers easy-to-consume insights for proactive and persistent risk mitigation, via role-based modules that are tailored to your needs. This is all made available via the Intelligence Cloud Platform and the associated modules to address the use cases of the different teams across an organization.

Recorded Future integrates with both Cisco XDR and Cisco Umbrella Investigate to accelerate time to detect and investigate threats.

Product Integrations

• XDR Investigate: The Recorded Future integration with SecureX allows you to enrich cyber observables with high-confidence intelligence collected by Recorded Future. It displays the vulnerabilities of a cyber observable, based on the combined evidence from Recorded Future. This integration allows you to query IPv4, IPv6, SHA-1, SHA-256, MD5, domain, and URL data types and it returns verdicts, judgements, indicators, and sightings.
• Umbrella Investigate: Cisco Umbrella Investigate’s threat intelligence on domains, IPs, networks, and malware can be accessed via an extension built into Recorded Future Intel Cards. Starting from a single piece of data, incident responders can query and find associated domains, IPs, ASNs, and file hashes, drill down on specific behavior indicators, and pivot directly into the Investigate console for additional research. In a single correlated source, Investigate’s threat intelligence enables security teams to uncover threats and tighten the gap between threat detection and remediation.