Relevant and Extended Detection with SecureX, Part Three: Behaviour-Based Detections with Secure Network Analytics
In part one of this Relevant and Extended Detection with SecureX series, we introduced the notion of risk-based extended detection with Cisco SecureX – the idea that a user can prioritise detections into incidents based on their idea of what constitutes risk in their environments and then extend those detections with enrichments from other products. In subsequent posts we are …
Analytics
How to Respond to Apache Log4j using Cisco Secure Analytics
IT and Security professionals worldwide are working to assess and mitigate their exposure to Apache Log4j vulnerability (CVE-2021-44228). The following guide has been put together for current Secure Network Analytics and Secure Cloud Analytics customers, providing suggested ways to leverage your deployment to assist in your detection and response efforts. To learn more about …
Critical Flaws Uncovered in Pentaho Business Analytics Software
Multiple vulnerabilities have been disclosed in Hitachi Vantara's Pentaho Business Analytics software that could be abused by malicious actors to upload arbitrary data files and even execute arbitrary code on the underlying host system of the application. The security weaknesses were reported by researchers Alberto Favero from German cybersecurity firm Hawsec and Altion Malka …
Mapping Secure Endpoint (and Malware Analytics) to NIST CSF Categories and Sub-Categories
Cisco Secure Endpoint (AMP for Endpoints) with Malware Analytics (ThreatGrid) offers Prevention, Detection, Threat Hunting and Response capabilities in a single solution. It protects Endpoints (Windows, Mac, Linux, Android, and iOS) and prevents breaches, blocks malware at the point of entry and continuously monitors and analyses files and processes to quickly detect, contain, …
Mapping Secure Network Analytics (and Cognitive) to NIST CSF Categories and Sub-Categories
Secure Network Analytics uses flow telemetry such as NetFlow, jFlow, sFlow, IPFIX, and packet-level data and helps in reducing the risk to an organisation. It offers network performance monitoring, behaviour-based anomaly detection and advanced threat detection to deliver network visibility into physical and virtual environments from a single platform. NIST CSF Categories and …
Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2
We are very excited to announce new Secure Network Analytics features! With release 7.3.2, we have furthered our efforts to extend the zero-trust workplace to anywhere on any device through significant enhancements to Secure Network Analytics’ ability to provide complete and continuous remote worker visibility and have also expanded data collection from integrated Cisco Secure …
Extending Detection into Automated Response with SecureX and Secure Cloud Analytics
Networks span across the enterprise, campus, branch, and into the cloud. Resources that enable agile operational models to allow the business to anticipate and respond to change are expanding the attack surface and bring with them more complexity. Complexity that attackers are taking advantage of. Meanwhile an ever-increasing amount of sensitive and legally protected data is …
Straight from the source: 3 ways customers are improving security with Secure Network Analytics
We know all too well that security can be a grind and that modern threats are and will continue to become more and more stealthy and sophisticated. A few years ago, the typical security practitioner’s plight was often described as an anxiety-inducing and exhausting existence that involved sifting through an endless barrage of alerts and reacting whenever known threats had …
Detecting and Responding to SolarWinds Infrastructure Attack with Cisco Secure Analytics
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distribute a malware named SUNBURST, and then used this foothold in the organization to contact their Command & Control …
Visualize and validate policy, increase remote worker telemetry, and embrace zero trust with Network Analytics Release 7.3.1
We have heard it before. Securing your organization isn’t getting any easier. The remote workforce is expanding the attack surface. We need context from users and endpoints to control proper access, and IT teams need to ensure our data stores are resilient and always available to gain the telemetry they need to reduce risk. Yes, zero trust is a great approach, but network …