414 0 Kommentare Cisco Doubles Down on Security Innovation and Investment to Protect the Endpoint and Email - Seite 2

Threat investigation with Cisco Visibility, a new cloud application built into the endpoint console which simplifies and accelerates security investigations so security analysts can rapidly investigate incidents with confidence, quickly and at scale. It ingests, normalizes, and enriches security events and provides a visual representation of the extent of a compromise spanning from endpoints to network to cloud.

Cisco Visibility combines threat intelligence from Cisco Talos(TM) and third parties with internal security event and alert data from across an organization's security infrastructure to simplify investigations, reduce complexity, and shorten incident triage and remediation time.
Visibility minimizes the need to switch between multiple consoles to perform common tasks. With a few simple clicks, a user can dive deeper into the data from Talos, Cisco Umbrella Investigate(TM), Threat Grid, AMP, and other sources to quickly understand how observables exist in an environment and how they relate to each other.

Cisco invests in new email security services
No matter how much the threat landscape changes, malicious email and spam remain vital tools for adversaries to distribute malware, and many of these threats reach the endpoint. Organizations must protect their own company domains from being misused as the delivery mechanism of malicious emails, as well as protect their internal users from phishing and spoofing attacks from emails with suspect senders.

Cisco is helping address these issues and more effectively prevent email identity deception used in phishing attacks. Cisco has concluded an OEM agreement with Agari to market and sell new services that enhance its Email Security product. The new email security services introduced include:

Cisco Domain Protection: Automates the process of using email authentication to prevent phishing, protect brands from fraud, and maintain email governance by analyzing, updating, and taking action against senders misusing their domain to send malicious email. This service uses Domain-Based Message Authentication, Reporting, and Conformance (DMARC), an email authentication standard, and real-time reporting back to domain users about noncompliant emails being sent from their domains. This will be a requirement for many organizations in the future, and as of October 2017, the U.S. Department of Homeland Security ordered federal agencies with .gov email domains to fully implement strict DMARC policies by October 2018.
Cisco Advanced Phishing Protection: Adds sophisticated machine learning capabilities to Cisco Email Security to block advanced identity deception attacks for inbound email by assessing its threat posture. It also uses both global and local telemetry data combined with analytics and modeling to validate the reputation and authenticity of senders. This helps organizations understand which emails carry targeted phishing and business email compromise (BEC) attacks so only legitimate emails reach an employee inbox.