Earlier this week, Cisco Security released a blog announcing more than 26 new integrations with 3rd party security products. Here at Exabeam, we’re thrilled to have been prominently mentioned several times throughout the announcement for the value our integrations deliver to joint Cisco / Exabeam customers. This exemplifies the commitment we’ve made to working with Cisco Security as a strategic partner.
Exabeam was specifically mentioned for several integrations including:
- Cisco Firepower
- Cisco Umbrella
The joint value prop for these integrations is simple: holistic analysis for advanced threat detection and rapid threat containment. Allow me to explain:
Exabeam is able to ingest data from Cisco Firepower, Cisco Umbrella, and other Cisco Security solutions, then to analyze it alongside data from other 3rd party security products in a customer’s environment. These disparate data sources are mapped back to the responsible users and machines, and then used to build behavioral baselines. In other words, how an environment (the people and machines) normally behaves. Once baselines have been established, Exabeam is able to identify risky, anomalous activity which may be indicative of advanced threats like rogue or compromised insiders, data exfiltration, and lateral movement.
The second part of the value these partnerships provide happens after detection. After all, a security practitioner’s job is not over when they detect a problem; they must now respond to the threat. First off, Exabeam automatically stitches all available events and security alerts together to create a prebuilt incident timeline which enables analysts to perform rapid, investigations of incidents. From there, analysts can use Exabeam’s security orchestration to connect and coordinate incident response using all of the tools in their security arsenal. At the push of a button, analysts can run playbooks that might pull in additional data from reputation tools like Cisco Umbrella, detonate a malicious file in a sandbox like Cisco Threatgrid, or perhaps update a firewall rule in Cisco Firepower. Response playbooks tie these actions together into logical tasks such as performing investigation, containment, or remediation. Ultimately this automates tedious, manual processes, codifies response best practices to ensure consistent outcomes, and amplifies the productivity of SOC analysts.
Want to learn more about Cisco Security’s announcement? Check out their blog post here.
Similar Posts
Generative AI is Reshaping Cybersecurity. Is Your Organization Prepared?
British Library: Exabeam Insights into Lessons Learned
Beyond the Horizon: Navigating the Evolving Cybersecurity Landscape of 2024
Recent Posts
What’s New in Exabeam Product Development – March 2024
Take TDIR to a Whole New Level: Achieving Security Operations Excellence
Generative AI is Reshaping Cybersecurity. Is Your Organization Prepared?
Stay Informed
Subscribe today and we'll send our latest blog posts right to your inbox, so you can stay ahead of the cybercriminals and defend your organization.
See a world-class SIEM solution in action
Most reported breaches involved lost or stolen credentials. How can you keep pace?
Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.
Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.
Get a demo today!