Cisco XDR automates response to advanced threats
© Provided by Gadget Cisco Extended Detection and Response, launched in San Francisco last week, uses 'evidence-backed automation'.
At the RSA security conference in San Francisco last week, enterprise networking leader Cisco unveiled the latest progress towards its vision of the Cisco Security Cloud, a unified, AI-driven, cross-domain security platform.
Its Extended Detection and Response (XDR) solution and the release of advanced features for Duo MFA are aimed at helping organisations better protect the integrity of their entire IT ecosystem.
Cisco’s XDR strategy converges its deep expertise and visibility across the network and endpoints into one turnkey, risk-based solution. Now in Beta with general availability coming in July 2023, XDR simplifies investigating incidents and enables security operations centers (SOCs) to immediately remediate threats. The cloud-first solution applies analytics to prioritise detections and moves the focus from endless investigations to remediating the highest priority incidents with evidence-backed automation.
CONSTELLATION BRANDS, INC.
“The threat landscape is complex and evolving,” said Jeetu Patel, executive vice president and GM of security and collaboration at Cisco. “Detection without response is insufficient, while response without detection is impossible. With Cisco XDR, security operations teams can respond and remediate threats before they have a chance to cause significant damage.
“Cisco continues to ensure that ‘if it’s connected, then rest assured you’re also protected.’ We are positioned to deliver integrated solutions that simplify securing today’s increasingly complex, hybrid multi-cloud environments without compromising user experience.”
While traditional Security Information and Event Management (SIEM) technology provides management for log-centric data and measures outcomes in days, Cisco XDR focuses on telemetry-centric data and delivers outcomes in minutes. It natively analyses and correlates the six telemetry sources that Security Operations Center (SOC) operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS.
On the endpoint specifically, Cisco XDR leverages insight from 200-million endpoints with Cisco Secure Client, formerly AnyConnect, to provide process-level visibility of where the endpoint meets the network.
In addition to Cisco’s native telemetry, Cisco XDR integrates with leading third-party vendors to share telemetry, increase interoperability, and deliver consistent outcomes regardless of vendor or technology.
The initial set of out-of-the-box integrations at general availability include:
“Throughout Logicalis’ decades-long pursuit to becoming a world class integrator; we have recognised the impact extensibility can have on the viability and efficacy of any solution,” said Brad Davenport, Vice President of Technical Architecture, Logicalis. “With the launch of Cisco XDR, we can finally provide our customers with XDR outcomes as a solution or managed offering. We see this as a natural progression for us along the security maturity journey. Logicalis is very excited to put our combined expertise to work for our clients and offer Cisco XDR to help them achieve their business outcomes.”
Zero Trust and Access Management
As attackers increasingly target gaps in weaker multi-factor authentication (MFA) implementations, Cisco is redefining what is essential for access management. Every business needs three key pillars for its access management strategy: enforcing strong authentication, verifying devices, and reducing the number of passwords in use. This is why, beginning on 1 May, Cisco is adding Trusted Endpoints to all its paid Duo Editions. Previously just available in Duo’s highest tier, Trusted Endpoints allows only registered or managed devices to access resources. By delivering Trusted Endpoints alongside Single Sign On, MFA, Passwordless, and Verified Push within the entry-level Duo Essentials edition, Cisco is delivering the most secure, cost-effective, and user-friendly access management solution on the market.
Biden Has Priceless Response To Fox News Question On Possible Trump Pardon
President Joe Biden was asked on Monday if he or any other future president should consider a pardon for Donald Trump, who is facing potential federal charges in the classified documents probe.
Biden didn’t provide much in the way of an answer ― yet managed to speak volumes at the same time.
The question came from Peter Doocy of Fox News.
“Did you see that Ron DeSantis said that if he became president he would pardon Trump?” Doocy asked. “Where are you on the idea of presidents pardoning Trump?”
Biden chuckled, waved and walked away.
“I’ll see you guys,” he said over his shoulder. “Great question.”
DeSantis, the governor of Florida and a Trump rival for the 2024 Republican presidential nomination, said last week he would look at “any example of disfavored treatment” as he considers pardons on “day one” of his presidency.
“I will have folks that will get together and look at all these cases ... people [who] are victims of weaponization or political targeting, and we will be aggressive at issuing pardons,” he said when asked about the possibility of pardons for the former president and the Jan. 6 rioters who attempted to block the certification of the 2020 election.