Cisco launches cyber detection and response solution

Cisco Extended Detection and Response (XDR) simplifies security operations in today’s hybrid, multi-vendor, multi-threat landscape.


Cisco has unveiled the latest progress towards its vision of the Cisco Security Cloud, a unified, AI-driven, cross-domain security platform. Cisco’s new XDR solution and the release of advanced features for Duo MFA will help organizations better protect the integrity of their entire IT ecosystem. 

 

Threat Detection and Response  

 

Cisco’s XDR strategy converges its deep expertise and visibility across the network and endpoints into one turnkey, risk-based solution. Now in Beta with General Availability coming in July 2023, Cisco XDR simplifies investigating incidents and enables security operations centers (SOCs) to immediately remediate threats. The cloud-first solution applies analytics to prioritize detections and moves the focus from endless investigations to remediating the highest priority incidents with evidence-backed automation.

 

“The threat landscape is complex and evolving. Detection without response is insufficient, while response without detection is impossible. With Cisco XDR, security operations teams can respond and remediate threats before they have a chance to cause significant damage,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Cisco continues to ensure that ‘if it's connected, then rest assured you’re also protected.’ We are uniquely positioned to deliver integrated solutions that simplify securing today’s increasingly complex, hybrid multi-cloud environments without compromising user experience.” 

 

While traditional Security Information and Event Management (SIEM) technology provides management for log-centric data and measures outcomes in days, Cisco XDR focuses on telemetry-centric data and delivers outcomes in minutes. It natively analyzes and correlates the six telemetry sources that Security Operations Center (SOC) operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS. On the endpoint specifically, Cisco XDR leverages insight from 200 million endpoints with Cisco Secure Client, formerly AnyConnect, to provide process-level visibility of where the endpoint meets the network. 

 

"The true measure of XDR is its ability to deliver actual security outcomes, real and measurable benefit to organizations — early detection, impact prioritization, and effective and efficient response,” said Frank Dickson, Group Vice President, Security & Trust, IDC. “True results need to be quantifiable numerically and not just qualitatively described with words. Cisco XDR delivers a clear framework for enabling organizations to achieve such tangible outcomes." 

 

In addition to Cisco’s native telemetry, Cisco XDR integrates with leading third-party vendors to share telemetry, increase interoperability, and deliver consistent outcomes regardless of vendor or technology. The initial set of out-of-the-box integrations at general availability includes:

 

  • Endpoint Detection and Response (EDR): Cybereason Endpoint Detection and Response, Microsoft Defender for Endpoint, Palo Alto Networks Cortex XDR, Trend Micro Vision One, SentinelOne Singularity
  • Email Threat Defense: Microsoft Defender for Office, Proofpoint Email Protection
  • Next-Generation Firewall (NGFW): Palo Alto Networks Next-Generation Firewall
  • Network Detection and Response (NDR): ExtraHop Reveal(x)
  • Security Information and Event Management (SIEM): Microsoft Sentinel
