The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Today, companies are experiencing a higher risk of breach than ever before. They are unable to recruit and retain security expertise or keep pace with current threats, and they face a rapidly expanding attack surface. These challenges, along with an overwhelming number of alerts, create increased risk to the business.
Cisco Secure Managed Detection and Response (MDR) combines an elite team of researchers, investigators, and responders with threat intelligence, automation and response capabilities, and defined investigation and response playbooks supported by Cisco Talos threat research. Secure MDR can reduce the time to detect and respond from months to minutes. Secure MDR leverages Cisco’s world-class integrated security architecture to advance security operations capabilities by delivering 24x7x365 threat detection and response – faster – with relevant, meaningful, and prioritized response actions.
● A stronger security posture that protects against threats with expert teams of researchers, investigators, and responders who provide always-on monitoring and response
● Advanced security operations that leverage Cisco threat intelligence and automation
● Management and prioritization of alert volume across cloud, on-premises network, and endpoints with defined investigation and response playbooks
● Powerful integrated security architecture that provides greater visibility
● 24x7x365 analysis, investigation, and response to improve mean time to detect and respond to security threats
Elite researchers, investigators, and responders in our global Security Operations Centers (SOCs) are provided with near-real-time alerts occurring within your cloud, on-premises networks, and endpoints. We engage with you to advance your security operations capabilities by providing clarity on attacks and expert guidance on how to eliminate threats quickly and prevent breaches.
Secure MDR includes:
● Detection using an integrated cloud security ecosystem that improves mean time to detect and contain security threats. The service delivers relevant, high-confidence, and consistent results using proven methodologies, unique intelligence, and an experienced team.
● Analysis through the enrichment of alerts, including Talos threat intelligence. Secure MDR provides attacker attributes and tactics to analysts along with the critical context needed to prioritize the impact and urgency of a threat.
● Investigation of identified threats utilizing defined investigation playbooks that provide added context. When malware, ransomware, botnet, bad actors, and other bad behavior occurs, we make data-driven decisions that establish relevant, meaningful, and prioritized response actions.
● Response with Security Orchestration and Automated Response (SOAR) and case management to execute defined response playbooks to provide detailed threat analysis, including recommended response actions.
● Cisco Talos Intelligence Group, the largest non-governmental threat intelligence research team in the world, provides integrated threat intelligence that protects Cisco Secure MDR security technologies.
● Coordination with Cisco Talos Incident Response for breach and forensic investigations provides next-level capabilities when an alert becomes a breach. Our team of forensic investigators can leverage the Secure MDR data repository and tools to respond to an emergency faster.
● A customer portal provides access to the supported Cisco Security technologies and offers a robust dashboard, ticketing, reporting, and case management interface, providing both operations and executive visibility to all activities.
● Cisco Secure Endpoint continually evolves your endpoint defenses with deep malware analysis, preventing malicious files from spreading.
● Cisco Secure Malware Analytics with advanced sandboxing analyzes the threat that new malware poses to your specific environment and helps prioritize proactive defenses.
● Cisco Umbrella (optional) enforces security at the DNS and IP layers and blocks threats before they reach the network or endpoints.
● Cisco Secure Cloud Analytics (optional) proactively protects your cloud resources, internal network, and even encrypted traffic against new threats.
Contact your local Cisco sales representative or partner, or visit cisco.com/go/mdr.