2020 has been a doozy of a year, and it can be an especially challenging time to keep your organization running smoothly in an already complex and ever-evolving security environment. Security analysts juggle an overwhelming number of alerts siloed across multiple consoles in order to counter attacks, protect against breaches, and stay compliant – and many are doing this while working from home for most of this year. This balancing act reminds me of my own personal experiences that you might be able to relate to.
Figure 1. With the SecureX ribbon browser extension, extract observables from third-party tools such as Splunk and take response actions.
For many of us this year, we’ve been juggling more than we would’ve ever anticipated. My typical day while working from home also consists of preschool drop-offs, ordering grocery deliveries, IT support for my son’s remote learning classes, and scheduling virtual medical appointments. It can be overwhelming to keep track of everything and everyone without outsourcing services like I might’ve done in the past. I have a secret weapon that has helped me navigate this “new normal” — a digital assistant. Before this year, the primary uses of my Google Nest Hubs were to (expensively) tell time and set cooking timers. However, during this global pandemic, they’ve been put on overdrive to help simplify the chaos of a complicated 2020 for our household. This system keeps my life running smoothly: important appointment reminders, notifications via Family Bell for my son’s class schedule, broadcasting to my family that dinner is ready, and smart home automation throughout the day such as a turn-down schedule for the thermostat.
So just as a global pandemic waits for no one, neither does the critical work of a security operations team whose goal is keeping threat dwell time down and compliance up. That engine must keep running to stay ahead of the ever-evolving threat landscape. Something like a Google Nest Hub (or Amazon Echo Show, if that’s the ecosystem you’re partial to) could help you work more efficiently and effectively. Specifically, you could not only connect your security tools together in one place, even those from third-party vendors, but also access these tools easily wherever you go, and take just a minute to get started. Enter the SecureX ribbon, now available through a browser extension.
The SecureX platform debuted in June to simplify your security experiences by connecting Cisco Secure products and your existing infrastructure. One of the most powerful SecureX capabilities is the ribbon, which shares and maintains context on cases and incidents in one persistent location at the bottom of SecureX and Cisco Secure product consoles. It provides this cross-product functionality for more efficient threat hunting and incident management, as well as unified visibility and response actions – all across each of your consoles. As such, you can also launch these product consoles from the ribbon. The ribbon apps that enrich investigations are brokered by SecureX and are available not only in SecureX but also in Cisco Secure products.
Figure 2. The persistent ribbon within SecureX and Cisco Secure product consoles.
SecureX now takes it to the next level – the same ribbon functionality is available through an extension for Firefox, Chrome, and Edge browsers. Similar to the Google Nest Hub, the SecureX ribbon is accessible through your endpoint security, network devices, and now any webpage or browser-based console, so you can:
◉ Easily connect with your third-party tools. Make better use of your existing security tools, Cisco or otherwise, without a complex integration process. With the ribbon browser extension, you can extract observables or endpoint IPs into the ribbon app from your third-party tools and pivot into an investigation.
◉ Start investigating from your browser in one minute. That’s how long it takes to deploy the extension, and then you can kick off investigations immediately. Let’s say you start your day scanning the blogs by our industry-leading Cisco Talos or perhaps an ISAC from your industry. From either of those intel sources, you can quickly query endpoints and take response actions without pivoting into another console.
◉ Collaborate across your security team better than ever before. With the extension, you can create or add to a case – directly from the browser – and share with team members. The unified experience is now even more accessible, and elevates cross-functional collaboration.