SecureX benefits
SecureX, a cloud-native Extended Detection and Response (XDR) solution, connects the Cisco security portfolio with your existing infrastructure for a simpler, more consistent experience. SecureX delivers greater visibility and improved operational efficiency to:
See and stop attacks earlier
SecureX accelerates threat hunting and incident management by aggregating and correlating intelligence and data across your infrastructure in one view.
The Umbrella reporting API enables customers to unify activity data within the SecureX dashboard to speed response and limit human-powered tasks.
“Umbrella integration with SecureX threat response gives me better visibility and provides information quicker than if I investigate using Umbrella only.”
-Security Officer, Small Business Wholesale Distribution Company
Gain greater context for Indicators of Compromise (IoCs)
SecureX integrates threat intelligence from Cisco Talos and third-party sources to automatically research IoCs and confirm threats.
The Umbrella Investigate API lets customers query our database to gain context from Umbrella’s robust historical data. The Investigate API gathers results from Investigate with anything that can send a HTTP request, including URL and modern internet browsers. You can quickly check the security status of a domain, IP address or subset of domains that appear in logs from your firewall, UTM or other Internet egress points.
By analyzing and learning from Internet activity patterns, Umbrella can automatically uncover attacker infrastructure staged for current and emerging threats and proactively block requests to malicious destinations before a connection is established. This information is shared with SecureX to enrich all investigations and quickly block the source of attacks.
Automate for consistent blocking
Cisco Umbrella with SecureX can make your security processes more efficient by blocking more threats early in the attack process and simplifying the investigation and remediation steps.
SecureX enables you to automatically add indicators of compromise to your Umbrella block list. Using the Umbrella enforcement API, customers can quickly tell if a domain is identified as malicious in another Cisco tool, and automatically block that risk in Umbrella.
Umbrella handles more than 600 billion internet requests per day and uses fine-tuned models to detect and block millions of threats.
Customers agree, SecureX is coordinated protection
Organizations spend too much time trying to integrate separate products and share data effectively. The time has come for a more coordinated security approach that reduces the number of separate security tools and simplifies the process of protecting a modern IT environment.
