Secure by Design: Enhanced Interfaces Improve Email Security and Malware Analysis

In the infosec world, it’s well established that time is a precious commodity. Time to detection and time to resolution are critical concepts that can mean the difference between a minor incident and making the news. In order to be effective, security teams need to be able to quickly access data, gather insights and take the necessary actions to keep their organizations safe. To that end, we’re committed to simplifying our user interfaces and making it easier to manage security effectively across an enterprise. Cisco Email Security and Cisco Threat Grid are two prime examples.

Cisco Email Security

Cisco Email Security’s new user interface focuses not only on adopting a Cisco standard for navigation and layout, but also improved usability for tracking, reporting and quarantine features. We have already started work on our resolution, to deliver enhanced visual tools so security operations analysts can better understand and identify the movement of suspicious behavior as it relates to email.

Here are some of the enhanced features:

Quickly Identify Specific Groups of Threats and Track Concerns Over Time

Our enhanced interface now allows administrators to not only identify and group threats into categories such as malware, spoofing, phishing and spam, it also allows the ability to see whether those threats are diminishing or growing over time.

Determining the volume of suspicious malware or spam caught is meaningful but it does not tell the entire story. The ability to classify threats into categories and how they change over time is what is truly important. This enables analysts to tune policies and discover potential threats that may evolve over time.

Finding and Understanding a Message’s Trajectory

The new user interface also simplifies the process to search for messages.  The message tracking summary page shows the direction and final state of the message. You can obtain more details about the pipeline of all the engines that have evaluated the message and what actions were taken. You can also drill down on details of the message events to show timeline of the order of the events and the verdicts of each engine.

Cisco Threat Grid

One of the underlying technologies in the Cisco portfolio that makes Cisco Email Security so effective is Cisco Threat Grid, the malware analysis and threat intelligence engine behind Cisco security products.

Cisco Security has recently introduced a new Threat Grid user interface that you will find to be much easier to use AND with a noticeable boost in speed. These improvements are designed to help customers accelerate the identification of threats and then address those threats faster. 

Below are some of the highlights.

Track Malware Analysis Performance and Trends Over Time

The new dashboard presents a number of high-level threat analysis statistics such as: Average Analysis Time, Average Threat Score, Number of Submissions, and Number of Convictions that give users a general sense of their threat posture.

Accelerate Incident Investigations by Getting to the Information that Matters Faster

Threat Grid also now presents thumbnails of recently submitted file samples so users can quickly and easily check their statuses and results to accelerate their investigations. The new user interface allows users to choose between seeing only their submissions or all submissions from their organization. Furthermore, users can now see the security products from which the malware samples were submitted and get a breakdown of the file types. Users can also look at their submissions over time by choosing from several convenient preset time periods.

Cisco Security is putting on a fresh face for 2018 and providing enhancements to help our customers realize the power of these products. Our wish is that you’ll take full advantage of them to keep your organization more secure this year.