Cisco Blogs

#CiscoChampion Radio, S3|Ep. 30: Umbrella Investigate

December 13, 2016 - 1 Comment

#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re discussing Umbrella Investigate.

Cisco Champion 2016Get the Podcast

  • Listen to this episode
  • Download this episode (right-click on the episode’s download button)
  • View this episode in iTunes

Cisco Guest
Jeremy Linden, Umbrella Investigate Product Management

Cisco Champion Hosts
Bill Carter (@ccie5502), Senior Solutions Analyst

Brian Remmel (@bremmel)

Podcast Discussion Topics

  • Splunk Add-on for Umbrella Investigate
  • Operational intelligence automation
  • Predictive threat intelligence
  • Connection insights
  • Unified Policy Network
  • Enforcement API
  • Automatic Security enrichment
  • Security events inside Splunk
  • SOC efficacy improvement
  • Critical incident triage
  • Connection investigation
  • Incident response prioritization
  • Secure, productive and protected
  • Malicious origins and potential threat reasearch
  • Security event enrichment
  • Domains, IPs, and file hash intelligence
  • Use cases


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Excellent article, very well written and too the point!