Built-In Security Analytics Across Cisco

Machine-scale analysis for human-scale understanding

Security teams are struggling with lengthy detection times, a shortage of cybersecurity professionals, and missed threats due to alert fatigue. Analytical techniques applied at the network, cloud, endpoint, and application level can help simplify the complexity your security teams are facing.

Why Cisco security analytics?

Security analytics is the process of collecting, optimizing, and analyzing data from different sources with the aim of blocking threats and proactively detecting malicious events before they turn into a breach. At Cisco, we have security technologies that can analyze the large amount of data generated at the network, cloud, endpoint, web, and application level.

Using multiple analytical techniques--like behavioral modeling, machine learning, statistical modeling, and more--our solutions can automatically block threats and quickly identify ones that might have infiltrated your organization. Our technologies are infused with industry-leading Cisco Talos threat intelligence in order to correlate local events to global campaigns. So whether it is an unknown threat, a malicious insider hoarding or exfiltrating a large amount of sensitive data, or even a threat hiding in encrypted traffic, Cisco Security has you covered. 

How Cisco applies security analytics

Secure network and cloud infrastructure

With behavioral modeling and machine learning, we can process billions of network sessions, find anomalies, and reduce them to critical alerts--on-premises and in the cloud, and even in encrypted traffic. 

Secure Internet connections

Using statistical models, we can automatically score and classify DNS and web traffic data to detect anomalies, identify attacker infrastructure, and uncover known and emergent threats. We also use web reputation to stop malicious domains and thwart attacks.

Secure endpoints

Our technology is trained to "learn" to identify malicious files and activity based on the attributes of known malware. Machine learning capabilities can help detect never-before-seen malware at the point of entry.

Secure user access

We develop a baseline of normal access within an organization, then analyze each new access attempt to highlight anomalous behavior. This can provide insight into threats such as account takeover, access abuse, and compromised insiders.

Secure applications

We provide complete visibility into application components, communications, and dependencies to enable faster detection and consistent microsegmentation.

Cisco solutions with built-in security analytics

Cisco Stealthwatch

Detects threats across private networks and public multicloud environments--even the ones hiding in encrypted traffic.

Cisco Umbrella

Provides the first line of defense against threats on the Internet. Cloud-delivered to protect all your users in minutes.

Cisco Web Security

Automatically detects and blocks web-based threats and tests unknown sites before letting users click on them.

Cisco AMP for Endpoints

Blocks malware at point of entry. Rapidly detects, contains, and remediates advanced threats that evade defenses and get inside your network.

Cisco Duo

Verifies users' identities, gives visibility into every device, and enforces adaptive policies to secure access to applications.

Cisco Tetration

Understands application behaviors and automates microsegmentation policy generation and enforcement.