Saturday, September 21, 2024

The Advantages of Tech Alliances


Since we adopted an open ecosystems strategy, we have witnessed quite a few integrations made available by Cisco Security and our technology partners. These integrations aim to improve the cybersecurity posture and defenses of our mutual customers through their collaborative nature.

These partnerships enable the creation of more comprehensive, effective and efficient cybersecurity solutions. As cyber threats continue to evolve, these collaborations play an increasingly important role in helping organizations protect their digital assets. By using these integrated solutions, businesses can establish a stronger security posture and be better prepared to face the challenges presented by today’s digital landscape. Vendor openness fosters better synergy and outcomes for the state of cybersecurity.

The strength of our integrations was put to the test at major events such as RSAC, Black Hat, NFL Super Bowl LVIII and the Paris Olympics. At these events, Cisco Security and our technology partners worked together in the Network & Security operations centers and effectively safeguarded these events from threats, ensuring the safety of people and infrastructure.

As we wrap up our fiscal year 2024, our open and inclusive cybersecurity technology alliance, Cisco Security Technical Alliance, now boasts over 400 technology partners and 825 integrations across Cisco’s cybersecurity product portfolio. In our annual roundup, Cisco Security extends a warm welcome to all new and expanding technology partners in our ecosystem. Deploying these integrated solutions together fosters a “synergy” that aids in more efficiently addressing customer security issues.

To learn more about each partner integration in this announcement, please review the individual partner highlights below. For more details on the partners, please visit our webpage at Cisco Security Technical Alliance.

Happy Integrating!


More details about our partners and their integrations:

New Cisco Breach Protection Suite integrations

These integrations help customers using Cisco’s Breach Protection Suite establish a stronger security posture.

Atlassian — Jira Cloud

Jira Cloud is built for every member of your software team to plan, track, and manage their work. Jira offers bug tracking, issue tracking, agile project management and more. Enabling this integration in Cisco XDR will make the Jira API available as a target for automation workflows.

Criminal IP

Criminal IP by AI Spera is an AI-powered threat intelligence search engine that gives you the latest data on all internet-connected assets. This integration with Cisco XDR offers real-time insights and risk scoring for IP addresses and domains, and lets you gain more information on the findings through Criminal IP’s UI by initiating a search in Criminal IP.

CrowdStrike

Two new Cisco-managed XDR workflows for CrowdStrike were released:

  1. Create Custom IOC: This appears in the pivot menu and allows you to create an IOC in CrowdStrike for an observable.
  2. Lift Containment for Hosts: This incident response workflow allows you to lift containment for hosts in CrowdStrike from a playbook or using an automation rule.

CrowdStrike also developed the Cisco Secure Email Gateway Data Connector to ingest Secure Email Gateway data into their Falcon platform. This improves detection of modern threats by unifying security data from endpoints and emails.

Darktrace

Darktrace is a Network Detection and Response (NDR) offering. In Cisco XDR, we enable Darktrace users to leverage it for threat hunting and investigation features. Use the Darktrace integration to query for security detections of observables including IP, hostname and Darktrace device ID.

Elastic Cloud

Enabling this integration in Cisco XDR will make the Elastic Cloud API available as a target for automation workflows, which can be used to do things like send incident data to Elasticsearch for indexing and retention.

Integrating with ExtraHop Reveal(x) Enterprise allows you to automatically search for devices, add or remove devices from a watchlist and search for detections. This integration with Cisco XDR also creates an HTTP target automatically in Automation for out-of-box workflows.

LevelBlue (AlienVault)

The AlienVault Open Threat Exchange (OTX) is the world’s most authoritative open threat information sharing and analysis network. AlienVault OTX integration with Cisco XDR allows OTX Activity Feed data to be used to enhance the threat detection capabilities in XDR.

Microsoft

Microsoft Azure Active Directory — Users: Microsoft Azure AD with Cisco XDR provides user and device information to the Cisco XDR Assets feature. It enriches investigations and incident triage and response with device and user context.

Microsoft Defender for Endpoint: In Cisco XDR, we enable Defender for Endpoint users to leverage it for threat hunting and investigation features, as well as quick response actions to understand and protect against threats on the endpoint. It also provides critical device inventory context to help triage detected threats.

Microsoft Defender for Office 365: In Cisco XDR, we enable Defender for Office 365 users to leverage email intelligence and detections while performing incident investigations and threat hunting.

NetApp

NetApp-Volume-Snapshot: The workflow performs a volume snapshot operation on all volumes in a NetApp ONTAP system, excluding those specified in the Skip Volumes input variable. It can be triggered by Cisco XDR for automated response actions or playbooks to protect volume data during a threat response.

Enabling this integration in Cisco XDR will make the PagerDuty REST and Events APIs available as targets for automation workflows. Workflows can be used to do things like send a page through PagerDuty when Cisco XDR incidents are generated.

Palo Alto Networks

Palo Alto Panorama — Add IP, Domain, or URL to Group or Category: This Cisco XDR workflow appears in the pivot menu and allows you to add a URL, IP or domain name to a group or category in Palo Alto Panorama.

Pure Storage

Pure Storage Volume Snapshot: This Cisco XDR workflow performs a volume snapshot operation on the set of volumes configured on the Flash Array (On-Premises Target) using the names provided as an input variable.

Pure Storage Protection Group Snapshot: This workflow performs a Protection Group snapshot operation on the set of protection group volumes configured on the Flash Array (On-Premises Target) using the names provided as an input variable.

Pure Storage Delete User: This workflow performs a user deletion on the Flash Array (On-Premises Target) using the names provided as an input variable.

Red Sift

Red Sift Pulse provides IP, hostname, and domain-based threat intelligence to Cisco XDR users to assist swift identification and remediation of phishing and impersonation attacks. By leveraging Red Sift OnDMARC’s email security capabilities, Red Sift Pulse gives security teams full visibility into and control over what’s happening across their email-sending infrastructure.

SentinelOne

Two new Cisco XDR automation workflows were added for SentinelOne integration.

Add Hash to Blocklist: This workflow appears in the pivot menu and allows you to add a file hash to a blocklist in SentinelOne.

Remove Hash from Blocklist: This workflow appears in the pivot menu and allows you to remove a file hash from a blocklist in SentinelOne.

ServiceNow

Enabling this integration in Cisco XDR will make the ServiceNow API available as a target for Automation workflows. This target can be used to perform tasks such as creating incidents, creating change tickets and more.

Slack

Slack brings team communication and collaboration into one place so you can get more work done, whether you belong to a large enterprise or a small business. This integration allows Cisco XDR users to leverage Slack as a team collaboration and communication tool in Automation workflows, including incident notification and response.

xMatters

The xMatters service reliability platform helps DevOps, SREs and Ops teams automate workflows, ensure infrastructure availability and deliver products at scale. The integration with Cisco XDR makes the xMatters API available as a target for automation workflows.

New Cisco Cloud Protection Suite integrations

These integrations help customers using Cisco’s Cloud Protection Suite establish a stronger security posture.

CrowdStrike

Cisco Umbrella Data Connector: Seamlessly ingest Cisco Umbrella Security Service Edge (SSE) data into the CrowdStrike Falcon® platform to gain comprehensive cross-domain visibility of threats throughout your attack surface.

IBM QRadar

Cisco Secure Workload now has a Device Support Module (DSM) for IBM QRadar. The DSM parses received events from Secure Workload and converts them to a standard taxonomy format that can be displayed in IBM QRadar.

Sevco Security

By integrating with Cisco Umbrella and correlating the data there with other tools, Sevco provides comprehensive asset inventory which can uncover previously unknown vulnerabilities in your environment like missing security controls, misconfigured agents, out-of-date software and more.

New Cisco User Protection Suite integrations

These integrations help customers using Cisco’s User Protection Suite establish a stronger security posture.

Google

Google Chrome Device Trust Connector: The Duo + Chrome Device Trust Connector helps organizations easily enforce device posture at the time of authentication and simplifies endpoint trust access policy management through a simple, agentless configuration for macOS, Windows and ChromeOS.

Google Chronicle updated its integration with Cisco ISE. This new integration with ISE extends the existing one with Chronicle SIEM.

Microsoft

Microsoft Entra ID External Authentication Methods (EAM): Duo was one of the first partners to build an integration with Microsoft’s new framework for integrating with third-party authentication providers, External Authentication Methods. With EAM, Duo is a fully integrated MFA and advanced identity security provider within Entra ID. Duo is supported across all Microsoft workflows including Microsoft Partner Center.

Duo SSO integrations

Organizations can easily protect access to their applications with Duo SSO and enjoy all the benefits of our continuous identity solution. Duo SSO is simple to set up and deploy, making it easy for end users to access the applications they need, without the hassle of remembering passwords. Additionally, Duo SSO combines Duo’s authentication capabilities, such as MFA and Passwordless, with powerful security insights into identity and device risk. This provides organizations with a robust tool to safeguard their users, data, and applications.

Our Duo SSO team has been actively building integrations with the top applications that organizations use. Here is a list of some of the FY24 new Duo SSO integrations:

  • Amazon (14 product integrations)
  • Absolute
  • Auth0
  • Auvik
  • Barracuda
  • Bitwarden
  • Citrix Workspace
  • Datto
  • Delinea
  • Elastic
  • Fortinet
  • GitLab
  • Google Apigee X
  • Google Workspaces
  • HackerOne
  • Hubspot
  • Huntress
  • Island
  • KnowBe4
  • ManageEngine (18 product integrations)
  • NetScaler
  • NinjaOne
  • Okta
  • Ping Identity
  • SentinelOne
  • Traceless
  • Tenable
  • Zoho (2 product integrations)

New Cisco Secure Firewall integrations

These integrations help customers using Cisco Secure Firewall establish a stronger security posture.

Blumira

By collecting logs from Cisco Secure Firewall, Blumira’s Automated Cloud SIEM makes advanced detection and response easy and effective for small and medium-sized businesses, accelerating ransomware and breach prevention.

CrowdStrike

CrowdStrike Falcon Insight XDR ingests cross-domain telemetry from Cisco Secure Firewall ASA to enable unified and threat-centric detection across an organization’s infrastructure.

Titania

Titania Nipper Enterprise accurately assesses the security and compliance status of Cisco Secure Firewall and Secure Firewall ASA on a regular basis to make sure all configurations are up to date and compliance goals are met and maintained.

Tufin

Tufin now supports Cisco Cloud Delivered FMC for Tufin Orchestration Suite, which is a centralized security management layer allowing organizations to define and enforce a comprehensive security policy and rapidly automate network changes while remaining compliant to that policy.

Acknowledgements: Thanks to my amazing teammates. Their collaboration with our technology partners has been instrumental in expanding our ecosystem — Jessica Oppenheimer, Ryan Maclennan, Dinkar Sharma, Correine Wiechec, Ginger Leishman, Jenn Kwok, Ben Greenbaum and Apostolos Kouloukourgiotis.

