Two Clicks to Root Cause


September 17, 2019 - 0 Comments

It’s always fun to work with people who both educate and entertain. Mike Storm and I don’t get enough opportunity to do this, but I am really proud of this show. We had a little fun with the cold open, but quickly get into some fun details for Cisco Threat Response.

The security metric nobody likes talking about.

Dwell time.

It’s uncomfortable.

It requires an admission that security incidents happen, and they can take a long time to surface.
In fact, the last few years actual dwell time’ has been hovering around 200 days.
Shrinking this time is the most direct way to lower the incredible cost of a security breach.

The answer is not to try and clone your security team.

Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. It is a key pillar of our integrated security architecture.

Get more value from your Cisco Security investment when the products work together to save you time and manual effort–especially when you are under attack and time matters most.

The file is the root of the problem. As a security operator, my goal is, how did the file get here? Where did it come from?

If you already own AMP for Endpoints, Cisco Umbrella, Email Security, or Threat Grid, you can use Threat Response for free. Even if you don’t, you can still trial any of them AND get access to Threat Response.

cisco.com/go/threatresponse

Thanks for watching.



Leave a comment

We'd love to hear from you! Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.