SlideShare uma empresa Scribd logo

Cisco SecureX.pdf

W
WildhaniIhyaraRahman1

Cisco Extended Detection and Response

Tecnologia
1 de 18
Baixar para ler offline
Wildhani I R Cybersecurity Specialist SecureX
Agenda SecureX Value Proposition Understanding SecureX Demo SecureX Automated Threat Hunting Investigation Demo SecureX Orchestration Custom Response Actions 1 2 3 4
5 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public SecureX Value Proposition
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Top Customer Challenge Security Operations Technologies and Intelligence Is this thing bad? Has it affected us? How? Why? Web Security Network Analytics Next-Gen Firewall Email Security Third-Party Sources Secure Internet Gateway Next-Gen IPS Endpoint Security Threat Intel SIEM Identity Management Malware Detection Security Does Not Work Together
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Investigation Remediation Managed Policy Orchestration Automation Detection Analytics Unified Visibility What is SecureX Customer Infrastructure SIEM/SOAR Identity Third-Party/ITSM Intelligence Cisco Secure Applications Cloud Network Endpoint A Cloud-Native, Built-In Platform Experience Within Our Portfolio Customer Teams ITOps NetOps SecOps
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecureX Unlocks Value for Your Customers Integrations built-in, pre-built or custom Ribbon & Sign-on never leaves you maintains context Dashboard customizable for what matters to you Threat Response is at the core of the platform Orchestration drag-drop GUI for no/low code Unified In One Location for Maximized Operational Integrated & Open for Simplicity Visibility Efficiency Device Insights device inventory with the contextual awareness
6 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential How true simplicity is experienced Before: 32 minutes 2. Investigate incidents in multiple consoles Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 3. Remediate by coordinating multiple teams Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 1. IOC/alert After: 5 minutes SecureX threat response is integrated across your security infrastructure SHA - 256 IP Target endpoint Email Query intel and telemetry from multiple integrated products Subject Quickly visualize the Threat impact in your environment Remediate directly from one UI In one view Malicious domain
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Cisco Infrastructure Third-Party Infrastructure IT service management, and cloud/virtual and DevOps platforms General Toolsets Scripting/dev tools, system interfaces, data exchanges, and messaging protocols Networking, collaboration, server/ app, and Multicloud management platforms Third-Party Security Operational tools, intelligence sources, infrastructure protections and visibility Meaningful Integrations to Protect your Network HTTP SMTP SNMP …and more! ACI UCS Director CloudCenter DNA Center Cisco Webex
8 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential A new level of visibility with SecureX dashboard Understand what matters in one view across your security infrastructure • Applications (left) View, launch or trial the integrated products • Tiles (middle) Presents metrics and operational measures from the integrated products • News (right) Product updates, industry news, and blog posts
9 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I make automated playbook changes in minutes with a drag- drop interface My top 5 most frustrating tasks have all be automated We have never communicated faster: Our approvals are automated Maximizing operational efficiency After: I combined 9 tasks across 3 security tools, 2 infrastructuresystems, and 3 teams in one keystroke! Solution:Orchestrating security across the full lifecycle Before: Repetitive, human-poweredtasks ALERT task: REMEDIATE Cisco or non-Cisco infrastructure Pre-built or customizable workflows task task task task while loop condition Go To: SecureX threat response deep dive Outdated playbook Automation script that works “sometimes” Playbook Integration script that no longer works
14 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Understanding SecureX
11 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps The process of consulting all the modules to find out what any of them know about the observable(s). Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation
12 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Enrichment The process of consulting all the modules to find out what any of them know about the observable(s).
13 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation The process of consulting all the modules to find out what any of them know about the observable(s).
14 SecOps The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets Response DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
15 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Response The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets
16 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I’m a Cisco Secure customer with SecureX threat response My team can: Answer questions faster about observables. Block and unblock domains from threat response. Isolate Hosts Hunt for an observable associated with a known actor and immediately see organizational impact. Save a point in time snapshot of our investigations for further analysis. Document our analysis in a cloud casebook from all integrated or web-accessible tools, via an API. Integrate threat response easily into existing processes and custom tools Store our own threat intel in threat response private intel for use in investigations See Incidents all in one place Block and unblock file executions from threat response
Cisco SecureX.pdf

Recomendados

BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
Building a Security Architecture
Building a Security ArchitectureBuilding a Security Architecture
Building a Security ArchitectureCisco Canada
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson
 
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...Cisco DevNet
 
Cisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre securityCisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre securityCisco Canada
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalQuek Lilian
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)Iftikhar Ali Iqbal
 
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco #ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco ITSitio.com
 

Recomendados

BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
Building a Security Architecture
Building a Security ArchitectureBuilding a Security Architecture
Building a Security ArchitectureCisco Canada
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson
 
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...Cisco DevNet
 
Cisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre securityCisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre securityCisco Canada
 
Wave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalWave 14 - Winodws 7 Security Story Core by MVP Azra Rizal
Wave 14 - Winodws 7 Security Story Core by MVP Azra RizalQuek Lilian
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)Iftikhar Ali Iqbal
 
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco #ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco ITSitio.com
 
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...Cristian Garcia G.
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Russia
 
Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy NetworkCollaborators
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web SystemsInnoTech
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connectNur Shiqim Chok
 
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachCisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachNetworkCollaborators
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudRightScale
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaCisco do Brasil
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsEnergySec
 
CIS Control Solution Guide
CIS Control Solution Guide CIS Control Solution Guide
CIS Control Solution Guide Lauren Bell
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromPROIDEA
 
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYDESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYiQHub
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 
Manoj Kumar_CA
Manoj Kumar_CAManoj Kumar_CA
Manoj Kumar_CAManoj Kumar M
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 

Mais conteúdo relacionado

Semelhante a Cisco SecureX.pdf

CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...Cristian Garcia G.
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Russia
 
Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy NetworkCollaborators
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web SystemsInnoTech
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connectNur Shiqim Chok
 
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachCisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachNetworkCollaborators
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudRightScale
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaCisco do Brasil
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsEnergySec
 
CIS Control Solution Guide
CIS Control Solution Guide CIS Control Solution Guide
CIS Control Solution Guide Lauren Bell
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromPROIDEA
 
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYDESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYiQHub
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 

Semelhante a Cisco SecureX.pdf (20)

CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
CLÍNICA DE RESPUESTAS A INCIDENTES Y THREAT HUNTING - WORKSHOP DAY TÉCNICO DE...
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPs
 
Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy Cisco Connect 2018 Singapore - Cybersecurity strategy
Cisco Connect 2018 Singapore - Cybersecurity strategy
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security Enhancements
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
 
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
[Cisco Connect 2018 - Vietnam] Eric rennie sw cisco_connect
 
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approachCisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
Cisco Connect 2018 Malaysia - Cybersecurity strategy-an integrated approach
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid Cloud
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
CIS Control Solution Guide
CIS Control Solution Guide CIS Control Solution Guide
CIS Control Solution Guide
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
 
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRYDESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
DESIGNS & IMPLEMENTATIONS TO OVERCOME CHALLENGES IN THE UTILITY INDUSTRY
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSec
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
 
Manoj Kumar_CA
Manoj Kumar_CAManoj Kumar_CA
Manoj Kumar_CA
 

Último

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 

Último (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 

Cisco SecureX.pdf

  • 1. Wildhani I R Cybersecurity Specialist SecureX
  • 2. Agenda SecureX Value Proposition Understanding SecureX Demo SecureX Automated Threat Hunting Investigation Demo SecureX Orchestration Custom Response Actions 1 2 3 4
  • 3. 5 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public SecureX Value Proposition
  • 4. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Top Customer Challenge Security Operations Technologies and Intelligence Is this thing bad? Has it affected us? How? Why? Web Security Network Analytics Next-Gen Firewall Email Security Third-Party Sources Secure Internet Gateway Next-Gen IPS Endpoint Security Threat Intel SIEM Identity Management Malware Detection Security Does Not Work Together
  • 5. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Investigation Remediation Managed Policy Orchestration Automation Detection Analytics Unified Visibility What is SecureX Customer Infrastructure SIEM/SOAR Identity Third-Party/ITSM Intelligence Cisco Secure Applications Cloud Network Endpoint A Cloud-Native, Built-In Platform Experience Within Our Portfolio Customer Teams ITOps NetOps SecOps
  • 6. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecureX Unlocks Value for Your Customers Integrations built-in, pre-built or custom Ribbon & Sign-on never leaves you maintains context Dashboard customizable for what matters to you Threat Response is at the core of the platform Orchestration drag-drop GUI for no/low code Unified In One Location for Maximized Operational Integrated & Open for Simplicity Visibility Efficiency Device Insights device inventory with the contextual awareness
  • 7. 6 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential How true simplicity is experienced Before: 32 minutes 2. Investigate incidents in multiple consoles Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 3. Remediate by coordinating multiple teams Product dashboard 1 Product dashboard 2 Product dashboard 3 Product dashboard 4 1. IOC/alert After: 5 minutes SecureX threat response is integrated across your security infrastructure SHA - 256 IP Target endpoint Email Query intel and telemetry from multiple integrated products Subject Quickly visualize the Threat impact in your environment Remediate directly from one UI In one view Malicious domain
  • 8. © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Cisco Infrastructure Third-Party Infrastructure IT service management, and cloud/virtual and DevOps platforms General Toolsets Scripting/dev tools, system interfaces, data exchanges, and messaging protocols Networking, collaboration, server/ app, and Multicloud management platforms Third-Party Security Operational tools, intelligence sources, infrastructure protections and visibility Meaningful Integrations to Protect your Network HTTP SMTP SNMP …and more! ACI UCS Director CloudCenter DNA Center Cisco Webex
  • 9. 8 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential A new level of visibility with SecureX dashboard Understand what matters in one view across your security infrastructure • Applications (left) View, launch or trial the integrated products • Tiles (middle) Presents metrics and operational measures from the integrated products • News (right) Product updates, industry news, and blog posts
  • 10. 9 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I make automated playbook changes in minutes with a drag- drop interface My top 5 most frustrating tasks have all be automated We have never communicated faster: Our approvals are automated Maximizing operational efficiency After: I combined 9 tasks across 3 security tools, 2 infrastructuresystems, and 3 teams in one keystroke! Solution:Orchestrating security across the full lifecycle Before: Repetitive, human-poweredtasks ALERT task: REMEDIATE Cisco or non-Cisco infrastructure Pre-built or customizable workflows task task task task while loop condition Go To: SecureX threat response deep dive Outdated playbook Automation script that works “sometimes” Playbook Integration script that no longer works
  • 11. 14 © 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Understanding SecureX
  • 12. 11 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps The process of consulting all the modules to find out what any of them know about the observable(s). Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation
  • 13. 12 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Enrichment The process of consulting all the modules to find out what any of them know about the observable(s).
  • 14. 13 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps Enrichment DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation The process of consulting all the modules to find out what any of them know about the observable(s).
  • 15. 14 SecOps The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets Response DNS security Etc.. EPP NGIPS EPP logs NGIPS logs DNS logs Etc. SecureX threat response File Analysis Etc . IP reputation Domain reputation © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 16. 15 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential SecOps DNS security Etc.. EPP NGIPS SecureX threat response EPP logs NGIPS logs DNS logs Etc. File Analysis Etc . IP reputation Domain reputation Response The process of leveraging the capabilities of SecureX-enabled technologies to mitigate threats by acting on observables or targets
  • 17. 16 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential I’m a Cisco Secure customer with SecureX threat response My team can: Answer questions faster about observables. Block and unblock domains from threat response. Isolate Hosts Hunt for an observable associated with a known actor and immediately see organizational impact. Save a point in time snapshot of our investigations for further analysis. Document our analysis in a cloud casebook from all integrated or web-accessible tools, via an API. Integrate threat response easily into existing processes and custom tools Store our own threat intel in threat response private intel for use in investigations See Incidents all in one place Block and unblock file executions from threat response