Rob Gresham

Principal Engineer

Threat Detection and Response

As Principal Engineer for the Threat Detection and Response Business Group for Cisco, Rob's extensive 20-year career in IT and cybersecurity underscores his role as a cornerstone in the realm of digital defense. His journey is marked by significant contributions to SOC team building, incident response, security architecture, and digital forensics, with a specialized knack for threat intelligence. Beyond safeguarding public and private sectors, Rob is revered for enhancing professional training in cyber threat intelligence, incident response, and security operations. His current venture at Cisco finds him deeply involved in Security Investigation, Automation, and Response, continuing a legacy that flourished through tenures at Splunk, Phantom, McAfee, and Intel. A respected veteran, Rob dedicated 26 years to the U.S. military, offering critical cybersecurity consultancy before his retirement in 2016. His academic acumen is highlighted by a degree in computer information systems from Regis University, complemented by a suite of certifications that include CISSP, GSDA, GCIH, and GCIA. Rob's narrative is one of relentless dedication, intellectual mastery, and an unwavering commitment to giving back to cybersecurity industry.


March 27, 2024


Introducing Cisco XDR Playbooks: Finding the balance in automating and guiding incident response

3 min read

Delve into the world of Cisco XDR Playbooks, enhancing security operations with strategic guides and automation for robust incident response.

August 10, 2023


A More Resilient Future with Automated Ransomware Recovery

8 min read

Learn how a team of Principal Engineers at Cisco embarked on a journey towards automating ransomware recovery.