SlideShare una empresa de Scribd logo

Cisco SecureX.pdf

W
WildhaniIhyaraRahman1

Cisco Extended Detection and Response

Tecnología
1 de 18
Descargar para leer sin conexión
Wildhani I R Cybersecurity Specialist SecureX
Agenda SecureX Value Proposition Understanding SecureX Demo SecureX Automated Threat Hunting Investigation Demo SecureX Orchestration Custom Response Actions 1 2 3 4
5 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public SecureX Value Proposition
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Top Customer Challenge Security Operations Technologies and Intelligence Is this thing bad? Has it affected us? How? Why? Web Security Network Analytics Next-Gen Firewall Email Security Third-Party Sources Secure Internet Gateway Next-Gen IPS Endpoint Security Threat Intel SIEM Identity Management Malware Detection Security Does Not Work Together
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Investigation Remediation Managed Policy Orchestration Automation Detection Analytics Unified Visibility What is SecureX Customer Infrastructure SIEM/SOAR Identity Third-Party/ITSM Intelligence Cisco Secure Applications Cloud Network Endpoint A Cloud-Native, Built-In Platform Experience Within Our Portfolio Customer Teams ITOps NetOps SecOps
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecureX Unlocks Value for Your Customers Integrations built-in, pre-built or custom Ribbon & Sign-on never leaves you maintains context Dashboard customizable for what matters to you Threat Response is at the core of the platform Orchestration drag-drop GUI for no/low code Unified In One Location for Maximized Operational Integrated & Open for Simplicity Visibility Efficiency Device Insights device inventory with the contextual awareness
6 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential How true simplicity is experienced Before: 32 minutes 2. Investigate incidents in multiple consoles Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 3. Remediate by coordinating multiple teams Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 1. IOC/alert After: 5 minutes SecureX threat response is integrated across your security infrastructure SHA - 256 IP Target endpoint Email Query intel and telemetry from multiple integrated products Subject Quickly visualize the Threat impact in your environment Remediate directly from one UI In one view Malicious domain
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Cisco Infrastructure Third-Party Infrastructure IT service management, and cloud/virtual and DevOps platforms General Toolsets Scripting/dev tools, system interfaces, data exchanges, and messaging protocols Networking, collaboration, server/ app, and Multicloud management platforms Third-Party Security Operational tools, intelligence sources, infrastructure protections and visibility Meaningful Integrations to Protect your Network HTTP SMTP SNMP …and more! ACI UCS Director CloudCenter DNA Center Cisco Webex
8 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential A new level of visibility with SecureX dashboard Understand what matters in one view across your security infrastructure • Applications (left) View, launch or trial the integrated products • Tiles (middle) Presents metrics and operational measures from the integrated products • News (right) Product updates, industry news, and blog posts
9 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I make automated playbook changes in minutes with a drag- drop interface My top 5 most frustrating tasks have all be automated We have never communicated faster: Our approvals are automated Maximizing operational efficiency After: I combined 9 tasks across 3 security tools, 2 infrastructuresystems, and 3 teams in one keystroke! Solution:Orchestrating security across the full lifecycle Before: Repetitive, human-poweredtasks ALERT task: REMEDIATE Cisco or non-Cisco infrastructure Pre-built or customizable workflows task task task task while loop condition Go To: SecureX threat response deep dive Outdated playbook Automation script that works “sometimes” Playbook Integration script that no longer works
14 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Understanding SecureX
11 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps The process of consulting all the modules to find out what any of them know about the observable(s). Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation
12 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Enrichment The process of consulting all the modules to find out what any of them know about the observable(s).
13 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation The process of consulting all the modules to find out what any of them know about the observable(s).
14 SecOps The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets Response DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
15 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Response The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets
16 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I’m a Cisco Secure customer with SecureX threat response My team can: Answer questions faster about observables. Block and unblock domains from threat response. Isolate Hosts Hunt for an observable associated with a known actor and immediately see organizational impact. Save a point in time snapshot of our investigations for further analysis. Document our analysis in a cloud casebook from all integrated or web-accessible tools, via an API. Integrate threat response easily into existing processes and custom tools Store our own threat intel in threat response private intel for use in investigations See Incidents all in one place Block and unblock file executions from threat response
Cisco SecureX.pdf

Recomendados

BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA Cyber Security
 
Building a Security Architecture
Building a Security ArchitectureBuilding a Security Architecture
Building a Security Architecture
Cisco Canada
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
David Patterson
 
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
Cisco DevNet
 
Cisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre securityCisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre security
Cisco Canada
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Quek Lilian
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
Iftikhar Ali Iqbal
 
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco #ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
ITSitio.com
 

Recomendados

BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA Cyber Security
 
Building a Security Architecture
Building a Security ArchitectureBuilding a Security Architecture
Building a Security Architecture
Cisco Canada
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
David Patterson
 
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
Cisco DevNet
 
Cisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre securityCisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre security
Cisco Canada
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Quek Lilian
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
Iftikhar Ali Iqbal
 
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco #ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
ITSitio.com
 
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
Cristian Garcia G.
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
IBM
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPs
Cisco Russia
 
Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy
NetworkCollaborators
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security Enhancements
Presentologics
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Vinod Kumar
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
InnoTech
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
Nur Shiqim Chok
 
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachCisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
NetworkCollaborators
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid Cloud
RightScale
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Cisco do Brasil
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
EnergySec
 
CIS Control Solution Guide
CIS Control Solution Guide CIS Control Solution Guide
CIS Control Solution Guide
Lauren Bell
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
PROIDEA
 
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYDESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
iQHub
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
Scalar Decisions
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSec
Robb Boyd
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
Amazon Web Services
 
Manoj Kumar_CA
Manoj Kumar_CAManoj Kumar_CA
Manoj Kumar_CA
Manoj Kumar M
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
 

Más contenido relacionado

Similar a Cisco SecureX.pdf

Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security Enhancements
Presentologics
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid Cloud
RightScale
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
EnergySec
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
PROIDEA
 
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYDESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
iQHub
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
Amazon Web Services
 

Similar a Cisco SecureX.pdf (20)

CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPs
 
Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security Enhancements
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
 
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachCisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid Cloud
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
CIS Control Solution Guide
CIS Control Solution Guide CIS Control Solution Guide
CIS Control Solution Guide
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
 
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYDESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSec
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
 
Manoj Kumar_CA
Manoj Kumar_CAManoj Kumar_CA
Manoj Kumar_CA
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 

Último (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Cisco SecureX.pdf

  • 1. Wildhani I R Cybersecurity Specialist SecureX
  • 2. Agenda SecureX Value Proposition Understanding SecureX Demo SecureX Automated Threat Hunting Investigation Demo SecureX Orchestration Custom Response Actions 1 2 3 4
  • 3. 5 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public SecureX Value Proposition
  • 4. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Top Customer Challenge Security Operations Technologies and Intelligence Is this thing bad? Has it affected us? How? Why? Web Security Network Analytics Next-Gen Firewall Email Security Third-Party Sources Secure Internet Gateway Next-Gen IPS Endpoint Security Threat Intel SIEM Identity Management Malware Detection Security Does Not Work Together
  • 5. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Investigation Remediation Managed Policy Orchestration Automation Detection Analytics Unified Visibility What is SecureX Customer Infrastructure SIEM/SOAR Identity Third-Party/ITSM Intelligence Cisco Secure Applications Cloud Network Endpoint A Cloud-Native, Built-In Platform Experience Within Our Portfolio Customer Teams ITOps NetOps SecOps
  • 6. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecureX Unlocks Value for Your Customers Integrations built-in, pre-built or custom Ribbon & Sign-on never leaves you maintains context Dashboard customizable for what matters to you Threat Response is at the core of the platform Orchestration drag-drop GUI for no/low code Unified In One Location for Maximized Operational Integrated & Open for Simplicity Visibility Efficiency Device Insights device inventory with the contextual awareness
  • 7. 6 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential How true simplicity is experienced Before: 32 minutes 2. Investigate incidents in multiple consoles Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 3. Remediate by coordinating multiple teams Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 1. IOC/alert After: 5 minutes SecureX threat response is integrated across your security infrastructure SHA - 256 IP Target endpoint Email Query intel and telemetry from multiple integrated products Subject Quickly visualize the Threat impact in your environment Remediate directly from one UI In one view Malicious domain
  • 8. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Cisco Infrastructure Third-Party Infrastructure IT service management, and cloud/virtual and DevOps platforms General Toolsets Scripting/dev tools, system interfaces, data exchanges, and messaging protocols Networking, collaboration, server/ app, and Multicloud management platforms Third-Party Security Operational tools, intelligence sources, infrastructure protections and visibility Meaningful Integrations to Protect your Network HTTP SMTP SNMP …and more! ACI UCS Director CloudCenter DNA Center Cisco Webex
  • 9. 8 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential A new level of visibility with SecureX dashboard Understand what matters in one view across your security infrastructure • Applications (left) View, launch or trial the integrated products • Tiles (middle) Presents metrics and operational measures from the integrated products • News (right) Product updates, industry news, and blog posts
  • 10. 9 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I make automated playbook changes in minutes with a drag- drop interface My top 5 most frustrating tasks have all be automated We have never communicated faster: Our approvals are automated Maximizing operational efficiency After: I combined 9 tasks across 3 security tools, 2 infrastructuresystems, and 3 teams in one keystroke! Solution:Orchestrating security across the full lifecycle Before: Repetitive, human-poweredtasks ALERT task: REMEDIATE Cisco or non-Cisco infrastructure Pre-built or customizable workflows task task task task while loop condition Go To: SecureX threat response deep dive Outdated playbook Automation script that works “sometimes” Playbook Integration script that no longer works
  • 11. 14 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Understanding SecureX
  • 12. 11 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps The process of consulting all the modules to find out what any of them know about the observable(s). Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation
  • 13. 12 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Enrichment The process of consulting all the modules to find out what any of them know about the observable(s).
  • 14. 13 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation The process of consulting all the modules to find out what any of them know about the observable(s).
  • 15. 14 SecOps The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets Response DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 16. 15 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Response The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets
  • 17. 16 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I’m a Cisco Secure customer with SecureX threat response My team can: Answer questions faster about observables. Block and unblock domains from threat response. Isolate Hosts Hunt for an observable associated with a known actor and immediately see organizational impact. Save a point in time snapshot of our investigations for further analysis. Document our analysis in a cloud casebook from all integrated or web-accessible tools, via an API. Integrate threat response easily into existing processes and custom tools Store our own threat intel in threat response private intel for use in investigations See Incidents all in one place Block and unblock file executions from threat response