Threat protection amplification partners
Using Umbrella with our threat protection amplification partners, customers can extend their perimeter to the cloud and transparently protect any user and any device, in any location.
Using our APIs and unique view of the Internet, Investigate can also enrich your threat intelligence with real-time context about suspicious domains, IPs, and ASNs. You can add our risk scores to your IOCs across a number of attacker infrastructure attributes. For example, you can script different actions for domains based on Umbrella detecting that they use fast flux networks (FFNs) or were created by domain generation algorithms (DGAs).
Programmatically take immediate action on threat intelligence
Hours or days can go by before you manually configure appliance- or agent-based defenses to take action on newly aggregated threat intelligence. Cisco Umbrella enables you to complete the last necessary step to operationalize your threat intelligence. By leveraging Cisco Umbrella APIs, you can create up to 10 custom integrations between your custom in-house systems and our cloud-delivered network security service—Cisco Umbrella. Each integration allows your custom scripts to automatically add or remove domains in a separate security category. You can enforce different policies on each security category.
Take advantage of the Cisco ecosystem
Sending your traffic to our cloud platform has never been easier. You can use your existing Cisco footprint to quickly provision thousands of network egresses and roaming laptops – protecting your off-network users, branch locations, and Wi-Fi users in minutes.
Our partnerships enable organizations to provide a secure and compliant Wi-Fi experience by enforcing network security and content filtering at the DNS layer.