Accelerate threat hunting and incident response by seamlessly integrating SecureX and your existing security technologies, as well as with partner ecosystems.
Cisco Secure product
Integration value to SecureX
Outcomes
Cisco Orbital
Integration value to SecureX
Orbital adds osquery to Secure Endpoint to support detailed and fast queries for incident responders. It is one of the ribbon apps in SecureX and is therefore accessible quickly from within the console of any ribbon-capable product. Additionally, Orbital is available via the pivot modules driven by the SecureX threat response app.
Outcomes
Trigger deep and detailed system status queries in parallel across your entire deployment in seconds.
Cisco Secure Malware Analytics
Integration value to SecureX
Integration of SecureX and Secure Malware Analytics allows users to get detailed intelligence about malware, associated network traffic, system changes, and more.
Outcomes
Gain heightened malware threat intelligence via automated detonation of suspected files from a global user base.
Cisco Secure Network Analytics
Integration value to SecureX
Secure Network Analytics enriches SecureX threat detection and response with agentless behavioral and anomaly detection capabilities. SecureX integrations with other sources of global threat intelligence and internal visibility enrich Secure Network Analytics findings with confirmed threat intel and local sightings. Integrations with Cisco control devices provide two-click mitigation and resolution. Secure Network Analytics provides tiles to the SecureX dashboard, as well actions for orchestration so customers can build automated workflows. Additionally, Secure Network Analytics incorporates the SecureX ribbon, allowing SecureX functions to be leveraged from any part of the Secure Network Analytics console.
Outcomes
Save time and gain a more holistic response by using SecureX to process and manage high-priority alerts from Secure Network Analytics (and any other configured alerting technology). In addition, the ability to query all configured Secure Network Analytics devices in SecureX threat response and then use them in coordinated, single-click defenses, simplifies visibility and increases response efficiency.
Cisco Secure Cloud Analytics
Integration value to SecureX
Secure Cloud Analytics provides tiles to the SecureX dashboard, as well as actions for orchestration so customers can build automated workflows. Additionally, Secure Cloud Analytics incorporates the SecureX ribbon, allowing SecureX functions to be leveraged from any part of the Secure Cloud Analytics console.
Outcomes
Accelerate investigations with better visibility and greater efficiency.
Cisco Secure Email
Integration value to SecureX
Integration of SecureX and Secure Email allows you to understand email as a threat vector by visualizing message, sender, and target relationships in the context of a threat. You can search for multiple email addresses, subject lines, and attachments at once to understand how a threat has spread. Secure Email provides tiles to the SecureX dashboard, as well as actions for orchestration so customers can build automated workflows. Additionally, Secure Email incorporates the SecureX ribbon, allowing SecureX functions to be leveraged from any part of the Secure Email console.
Outcomes
Get better insight into the context of a threat with email as a threat vector. Combat phishing attacks, business email compromise, malware, and ransomware.
Cisco Umbrella
Integration value to SecureX
In SecureX, Umbrella provides global threat intelligence from its rich database of multifaceted domain reputation, local security insight by reporting sightings of investigated domains, and the ability to block domains immediately and enterprisewide in two clicks. Umbrella also provides tiles to the SecureX dashboard, as well as actions for orchestration so customers can build automated workflows. Additionally, Umbrella incorporates the SecureX ribbon, allowing SecureX functions to be leveraged from any part of the Umbrella console.
Outcomes
Enrich all investigations with leading reputational insight on domains and more. Discover—and quickly block—the sources of attacks, the recipients of potential or discovered data leakage, or other parts of adversary infrastructure.
Cisco Secure Firewall
Integration value to SecureX
Secure Firewall provides sightings of IP addresses, URLs, and domain in SecureX. Additionally, users can leverage Firepower devices via SecureX to block IPs at the perimeter. Secure Firewall devices also can be configured to provide alerts to Cisco's cloud event storage platform to be triaged and correlated such that the most pressing alerts are displayed to the user in SecureX incident manager. Secure Firewall provides tiles to the SecureX dashboard, as well as actions for orchestration so customers can build automated workflows.
Outcomes
Use SecureX to process and manage high-priority alerts from all Secure Firewall devices (and any other configured alerting technologies), saving time and providing a more holistic response. In addition, querying all configured Secure Firewall devices in SecureX threat response and then using them in coordinated, single-click defenses, simplifies visibility and increases response efficiency.
Cisco Defense Orchestrator
Integration value to SecureX
Defense Orchestrator provides tiles to the SecureX dashboard. Additionally, Defense Orchestrator incorporates the SecureX ribbon, allowing SecureX functions to be leveraged from any part of the Defense Orchestrator console.
Outcomes
Gain consistent policy enforcement and visibility, by streamlining security policies and device management across your extended network.
Cisco Secure Web Appliance
Integration value to SecureX
Integration with SecureX provides other sources of global threat intelligence and internal visibility that affirm and enrich Secure Web Appliance findings with confirmed threat intel and local sightings. Secure Web Appliance provides tiles to the SecureX dashboard, as well as actions for orchestration so customers can build automated workflows.
Outcomes
Protect your network against the most common threat vector, whether users are browsing the web in the office, on the road, and everywhere in between.
Cisco Secure Workload
Integration value to SecureX
Secure Workload provides tiles to the SecureX dashboard, as well as actions for orchestration so customers can build automated workflows..
Outcomes
Gain greater visibility to protect critical application workloads with a zero-trust security approach.
Cisco Secure Access by Duo
Integration value to SecureX
In SecureX, Duo provides actions for orchestration so customers can build automated workflows.
Outcomes
Secure your workforce by providing trusted access to your applications and establish device trust.
Additional Cisco Secure resources
Integration value to SecureX
Access to several threat intelligence sources is included with SecureX at no additional cost. These include the Talos database, the default Cisco Secure Threat Intelligence Architecture, and a private repository into which users can upload their own threat intelligence, whether generated in house or acquired from other sources.
Outcomes
Simultaneously enhance all investigations with additional information about adversaries and adversary infrastructures from multiple sources.