Cisco Umbrella

Enterprise network security

Search

Investigate attacks like never before

Attackers are already pivoting through your infrastructure. What if you could pivot through theirs?

Get a demo of Investigate
Cisco Umbrella Investigate Overview Video

Cisco Umbrella Investigate

Umbrella Investigate gives the most complete view of the relationships and evolution of internet domains, IPs, and files — helping to pinpoint attackers’ infrastructures and predict future threats. No other vendor offers the same level of interactive threat intelligence — exposing current and developing threats. Umbrella delivers the context you need for faster incident investigation and response.

Investigate console

1. Risk score
Access reliable threat scoring with rich visibility into what contributes to the score so you can triage faster.

2. DNS request patterns
See up-to-the minute views of DNS requests to a particular domain. A sudden spike in traffic may indicate malicious activity.

3. Passive DNS
Get deeper context on the domain with a snapshot of key events and tagged security categories for the past 5 years.

Investigate console


How Avanade uses Investigate for security and business decisions

“Investigate is a swiss army knife of trying to understand endpoints on the internet. By using Investigate, it gives us that insight into why that’s happening, and how do we make the right business decision. Because blocking something is a business decision, it’s not always a technology decision.”

Joseph Paradi
Executive – ITS Enterprise Services, Avanade


The Investigate advantage

Access our realtime threat intelligence to:

Proactively protect users icon

Proactively protect users

Uncover attacker infrastructure and stop attacks before they launch

Prioritize incidents icon

Better prioritize incidents

Identify what alerts need additional investigation

Speed investigations icon

Speed investigations

Gain greater context for faster decision making and remediation

Intelligence that stacks up

Umbrella stops attacks from getting to your network or endpoints. Statistical and machine learning models combined with intelligence from Cisco Talos web reputation, Cisco Advanced Malware Protection (AMP) file reputation and AV engines for the most complete view of the relationships and evolution of internet domains, IPs, and malware. Easily enrich investigations with third-party integrations to amplify existing investment and…

  • 72% of customers reduced investigation time by 50% or more with Cisco Umbrella Investigate.
  • More than half of Umbrella respondents saw a reduction in malware infections by 75% or more.
Investigate partner integrations graphic

Leveraging Investigate for efficient incident response and predictive security

“Before we used the Investigate API for our incident response process, it might have taken our incident responders many hours, or even days, to respond to an incident. Now we’ve automated much of that process, so we can get it down to a very quick and efficient few minutes”

Read the full story

Yelp's experience with Cisco Umbrella - video

Data sheet

Investigate from Cisco Umbrella

The most complete view of the relationships and evolution of Internet domains, IP addresses…

Infographic

Investigate attacks like never before

Attackers are pivoting through your infrastructure. What if you could pivot through theirs?

Blog

Determine Risk Factors for a Domain With Cisco Umbrella

Read the full blog post
LinkedIn Youtube