Threat protection amplification partners
Using Umbrella with our threat protection amplification partners, customers can extend their perimeter to the cloud and transparently protect any user and any device, in any location.
Using our APIs and unique view of the Internet, Investigate can also enrich your threat intelligence with real-time context about suspicious domains, IPs, and ASNs. You can add our risk scores to your IOCs across a number of attacker infrastructure attributes. For example, you can script different actions for domains based on Umbrella detecting that they use fast flux networks (FFNs) or were created by domain generation algorithms (DGAs).
Programmatically take immediate action on threat intelligence
Hours or days can go by before you manually configure appliance- or agent-based defenses to take action on newly aggregated threat intelligence. Cisco Umbrella enables you to complete the last necessary step to operationalize your threat intelligence. By leveraging Cisco Umbrella APIs, organizations can easily generate integration, enrichment and orchestration workflows. Our rich collection of APIs make it simple for you to aggregate Umbrella’s industry leading visibility with cross product intelligence and enhance your security posture.
Take advantage of the Cisco ecosystem
Sending your traffic to our cloud platform has never been easier. You can use your existing Cisco footprint to quickly provision thousands of network egresses and roaming laptops – protecting your off-network users, branch locations, and Wi-Fi users in minutes.
Our partnerships enable organizations to provide a secure and compliant Wi-Fi experience by enforcing network security and content filtering at the DNS layer.