Cisco Unveils XDR Solution That Gains Insights from 200 Million Endpoints

Cisco has brought to market an eXtended detection and response (XDR) solution that "simplifies investigating incidents and enables security operations centers (SOCs) to immediately remediate threats," according to the company.

Jeetu Patel, Cisco's EVP and GM of security and collaboration, commented on Cisco XDR:

"With Cisco XDR, security operations teams can respond to and remediate threats before they have a chance to cause significant damage. Cisco continues to ensure that 'if it's connected, then rest assured you're also protected.' We are uniquely positioned to deliver integrated solutions that simplify securing today's increasingly complex, hybrid multi-cloud environments without compromising user experience."

Cisco XDR Goes Beyond Traditional Security Information and Event Management (SIEM)

Traditional SIEM technology lets organizations manage log-centric data and measure outcomes in days, Cisco pointed out. Comparatively, Cisco XDR emphasizes the use of telemetry-centric data and delivers outcomes in minutes.

Cisco XDR analyzes and correlates telemetry from six sources:

  • Endpoints
  • Networks
  • Firewalls
  • Emails
  • Identities
  • DNS

Cisco XDR uses insights from 200 million endpoints with Cisco Secure Client (formerly AnyConnect) to provide process-level visibility of where endpoints meet networks, Cisco indicated. It also applies analytics to prioritize threat detections to help SOCs automatically remediate security incidents.

Introducing Cisco XDR Out-of-the-Box Integrations

Cisco XDR integrates with third-party vendors to share telemetry, increase interoperability and deliver consistent outcomes, Cisco noted.

The out-of-the-box integrations at general availability include:

  • CrowdStrike Falcon Insight XDR
  • Cybereason Endpoint Detection and Response (EDR)
  • Microsoft Defender for Endpoint
  • Palo Alto Networks Cortex XDR
  • SentinelOne Singularity
  • Trend Vision One
  • Email Threat Defense: Proofpoint Email Protection
  • Next-Generation Firewall (NGFW): Check Point Quantum

A beta version of Cisco XDR is now available. Cisco XDR is expected to be generally available in July 2023.

Cisco Upgrades All Paid Editions of Duo Multi-Factor Authentication (MFA) Solution

Along with introducing Cisco XDR, Cisco has announced it will add Trusted Endpoints to all its paid Duo Editions on May 1, 2023.

Trusted Endpoints ensures that organizations can authorize only registered or managed devices to access resources, Cisco indicated. As such, Trusted Endpoints helps organizations guard against MFA attacks.

Cisco Adds to Cloud Security Portfolio

Cisco previously purchased Lightspin Technologies, an Israeli cloud security software company, in April 2023. Lightspin brings end-to-end cloud security posture management (CSPM), cloud-native and cloud security technologies and expertise to Cisco. It has been integrated into Cisco's Emerging Technologies & Incubation (ET&I) business, according to Cisco.

Cisco offers application, cloud, network and other security products and services to global organizations. The company has a partner program for MSSPs, MSPs and other technology providers.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.