IT security integrations and APIs
Umbrella partners with leading IT companies to integrate our security enforcement and intelligence
Transform your security strategy: partner with Umbrella
Umbrella partners with leading IT companies to integrate our cloud-delivered IT security enforcement and intelligence platforms.
Security practitioners use myriad tools to protect their users and data. We believe the best protection comes from an integrated security defense—and not the type of integrations that involve 100+ hours of professional services help. We take our mission of “easy to deploy and simple to manage” as a key tenet of our partner program. Our focus is to enable our customers and partners to seamlessly integrate with our platform.
Threat protection amplification partners
Using Umbrella with our threat protection amplification partners, customers can extend their perimeter to the cloud and transparently protect any user and any device, in any location.
Using our APIs and unique view of the Internet, Investigate can also enrich your threat intelligence with real-time context about suspicious domains, IPs, and ASNs. You can add our risk scores to your IOCs across a number of attacker infrastructure attributes. For example, you can script different actions for domains based on Umbrella detecting that they use fast flux networks (FFNs) or were created by domain generation algorithms (DGAs).
Programmatically take immediate action on threat intelligence
Hours or days can go by before you manually configure appliance- or agent-based defenses to take action on newly aggregated threat intelligence. Cisco Umbrella enables you to complete the last necessary step to operationalize your threat intelligence. By leveraging Cisco Umbrella APIs, organizations can easily generate integration, enrichment and orchestration workflows. Our rich collection of APIs make it simple for you to aggregate Umbrella’s industry leading visibility with cross product intelligence and enhance your security posture.
Take advantage of the Cisco ecosystem
Sending your traffic to our cloud platform has never been easier. You can use your existing Cisco footprint to quickly provision thousands of network egresses and roaming laptops – protecting your off-network users, branch locations, and Wi-Fi users in minutes.
Our partnerships enable organizations to provide a secure and compliant Wi-Fi experience by enforcing network security and content filtering at the DNS layer.
Amplify existing IT security investments
Wouldn’t it be great if the intelligence gathered from your security tools, could be enforced everywhere? That is what we are doing with API-level integrations. You can take intelligence from your own data or other security solutions, like FireEye or Check Point, and enforce security policies on or off the network by integrating that information with Umbrella.
Reduce number of alerts and gain context on threats
Security teams are flooded with alerts from multiple systems. Use the Investigate API to programmatically pull contextual threat intelligence from the Global Network into your security management or incident response environment. The benefit? Your IT security team is provided global context with each alert. This reduces the time spent flipping between intel tools and gives your team more time to focus on critical incidents.
Simple configuration and management
It is challenging to configure and manage security in an environment with a distributed network. Different offices have different settings and it is hard to know which policies are enforced and in what order. Partners and practitioners can programmatically make configuration changes in the Umbrella environment and automate management.