
SecureX: What and why?

June 1, 2020 Network Solutions


Cisco SecureX is a security platform embedded with every Cisco security product. It adds value even with a single security product and multiplies the capabilities as you add more or connect your security infrastructure. It is cloud-native and requires no new technology to deploy.

The first benefit you'll experience is unifying visibility across your entire security environment, Cisco or otherwise. SecureX lists your current product apps as well as new ones to try. Included are customizable ROI metrics and operational measures across your security investments, based on what is important for your business. The activity feed notifies you of new analytical alerts, events, threat research, and more.

[Figure: Cisco SecureX dashboard]

Think about how much time and how many screens your teams must pivot between to get this level of visibility. The time lost is cumulative! Your team is losing minutes, hours, and days! That lost time just keeps increasing as you keep adding new technology.

The Marketplace Recommendations option shows you the integrations with your security infrastructure that can unlock the full potential of your investments, all based on your most common workflows. Clicking on applications reveals hundreds of third-party integrations you can activate across the Cisco security portfolio. This out-of-the-box interoperability greatly reduces complexity and overhead.

Another benefit is enabling automation within your security workflows. With Cisco Talos, SecureX delivers the power of the largest threat research team on the planet into your SOC (Security Operations Center). You get New Vulnerability Reports as Talos hunts for threats worldwide on your behalf. SecureX analytics can then raise a potential data exfiltration alert that your company considers a high priority, which in turn triggers a pre-built playbook!

SecureX then automatically assigns a case to a responder. Incident View aggregates information on the alert all in one place, including the network traffic analysis that generated it and the playbook actions that already ran. A selection of pre-built playbooks is available via the automation tab. You can also build your own using Defined Actions and third-party adapters. These playbooks automatically enrich the alerts using endpoint security and advanced search apps, adding observables that include the target endpoint and its connection to the host IP address. SecureX also enables better collaboration by including other security analysts on the case. Think about how manual this workflow is today across multiple security products!

Now we move our focus to SecureX's Threat Response app. If a target is connecting to a particular IP, and that IP resolves to a domain to which two files, one benign and one malicious, have connected in the past, the responder will deem this a valid threat. SecureX provides the ability to immediately isolate the endpoint on any network.

[Figure: Cisco SecureX dashboard]

The goal is to fully mitigate the data exfiltration risk and ensure no other endpoint can reach this IP address. SecureX can immediately block every user and device globally from connecting to the suspicious domain with Cisco Cloud Security.

The potential for human error is extremely high when these relationships aren't immediately recognized. Add to that the extra time required to pivot between several product screens, without any shared context, to complete the orchestrated workflow. SecureX provides more control with less effort, using your existing security investments.

The Advanced Search captures forensic snapshots of Threat Hunt Incidents. Let's dive a little deeper. The SecureX dashboard is always available for a consistent experience. It automatically extracts observables from every page visited, which may become relevant to future incidents. SecureX automatically correlates IP addresses to previous incidents discovered in Threat Response, Cloud Security, and the Search App. Cisco's IT Ops Team uses the search app to identify and inventory assets, and because SecureX shares context generated by SecOps and IT Ops, it accelerates hunting.

Together with unified visibility, analytics, and automated workflows, SecureX can advance the security maturity of a team of any size. These are just a few examples of how SecureX will reduce complexity! SecureX will be available June 2020 until!
