Cisco Umbrella Investigate
Umbrella Investigate gives the most complete view of the relationships and evolution of internet domains, IPs, and files — helping to pinpoint attackers’ infrastructures and predict future threats. No other vendor offers the same level of interactive threat intelligence — exposing current and developing threats. Umbrella delivers the context you need for faster incident investigation and response.
1. Risk score
Access reliable threat scoring with rich visibility into what contributes to the score so you can triage faster.
2. DNS request patterns
See up-to-the minute views of DNS requests to a particular domain. A sudden spike in traffic may indicate malicious activity.
3. Passive DNS
Get deeper context on the domain with a snapshot of key events and tagged security categories for the past 5 years.
The Investigate advantage
Access our realtime threat intelligence to:
Intelligence that stacks up
Umbrella stops attacks from getting to your network or endpoints. Statistical and machine learning models combined with intelligence from Cisco Talos web reputation, Cisco Advanced Malware Protection (AMP) file reputation and AV engines for the most complete view of the relationships and evolution of internet domains, IPs, and malware. Easily enrich investigations with third-party integrations to amplify existing investment and…
- 72% of customers reduced investigation time by 50% or more with Cisco Umbrella Investigate.
- More than half of Umbrella respondents saw a reduction in malware infections by 75% or more.
Leveraging Investigate for efficient incident response and predictive security
“Before we used the Investigate API in our incident response process, it might have taken our incident responders many hours, or even days, to respond to an incident. Now we’ve automated much of that process, so we can get it down to a very quick and efficient few minutes.”
Head of Security, Yelp
Investigate from Cisco Umbrella
The most complete view of the relationships and evolution of Internet domains, IP addresses…
Investigate attacks like never before
Attackers are pivoting through your infrastructure. What if you could pivot through theirs?