Cisco Secure Malware Analytics (formerly Threat Grid) Partners and Integrations

Strengthen your security

Take advantage of Secure Malware Analytics’ integration across the Cisco Secure portfolio. And, integrate it with third-party security technologies.

Cisco Secure Firewall Malware Defense

Cisco Secure Firewall Malware Defense provides visibility and control beyond point-in-time detection. It protects against highly sophisticated, targeted, zero-day, and persistent advanced malware threats. Unknown files are immediately analyzed by our malware analysis engines. Analysis results are shared across your Cisco Secure infrastructure. You get an integrated set of controls that protect your network across the attack continuum.

Secure Firewall ASA & Threat Defense Manager

Secure Malware Analytics has been integrated with the industry's first adaptive,threat-focused next-generation firewall(NGFW), as well as the Cisco Secure Firewall ASA with Threat Defense Manager. Malware analysis engines are combined with firewall protection in a single device. You get automated sandboxing of unknown files as they try to enter the network.

Cisco Secure Firewall Threat Defense Intrusion Prevention System

Get advanced automated malware sandboxing of unknown files at the network edge by our IPS. Results are presented through the Threat Defense Manager and shared with Cisco Secure.

Secure Endpoint

Secure Malware Analytics automatically analyzes low-prevalence executables identified by Secure Endpoint. It also provides on-demand malware analysis capabilities. All samples are given a threat score, so you can rapidly triage incidents.

Secure Endpoint Private Cloud

If your organization has privacy requirements that restrict the use of a public cloud, the Cisco Secure Endpoint Private Cloud virtual appliance is an on-premises, air-gapped option. Malware analysis is highly secure, and all analyzed files remain within your physical and logical boundary.

Web and Email

Web and email remain the top vectors for malware. Malware Analytics has been integrated into Cisco Secure Web Appliance and Secure Email solutions. It enhances malware detection using advanced static and dynamic malware analysis technologies.

Meraki MX

Secure Malware Analytics’ dynamic malware analysis is combined with the Meraki unified threat management (UTM) solution to provide deep visibility into threats across branch locations and remote offices. Managing security is easier, yet you gain advanced threat capabilities. Security teams can better understand, prioritize, and mitigate attacks.

Cisco Umbrella

Secure Malware Analytics is integrated with Cisco Umbrella to identify all malicious domains discovered during analysis. Customers can automatically block users from connecting to the known malicious domains, preventing data exfiltration.

Other products

Secure Endpoint license holders may increase the daily submission limit with sample packs, or add the full Secure Malware Analytics Premium, which offers all Secure Malware Analytics functionality, including premium threat intelligence feeds, API access, investigative capabilities and the unique Glovebox malware interaction tool.

Cisco Secure Malware Analytics is also available as a highly secure, on-premises appliance that does not transmit data outside the enterprise. Sensitive and compliance-protected data remains safely on site.

Integrations with third-party solutions

Our partner ecosystem makes it easier for you to automate sample submissions from your existing security technologies. For more information about the Secure Malware Analytics APIs, please visit DevNet. For more information on the partners below, and the entire Cisco Security ecosystem, please visit the Secure Technical Alliance Partners.

Cisco partner’s that have integrated Secure Malware Analytics malware analysis into their products include:

  • BluVector A Comcast Company
  • D3 Security SOAR
  • DFLabs INCMan
  • Exabeam Security Intelligence Platform
  • Fortinet FortiSOAR
  • IBM QRadar
  • IBM Resilient
  • IBM X-Force
  • LogRhythm Security Intelligence Platform
  • Minerva’s Anti-Evasion Platform
  • OpenText EnCase
  • Palo Alto Networks Cortex XSOAR
  • Paterva Maltego
  • RSA NetWitness Packets
  • Siemplify SOAR
  • Splunk SIEM
  • Splunk SOAR
  • Swimlane Security Operations Manager
  • TheHive SOAR
  • TrapX DeceptionGrid
  • TripWire Enterprise
  • UncommonX
  • WireX Systems Network Forensics Platform


Threat intelligence platforms that use Secure Malware Analytics malware feeds include:

  • Anomali
  • Centripetal Networks
  • Eclectic IQ
  • ThreatConnect
  • ThreatQuotient