Security

4 min read

Explore a Cisco TME's experience in the Cisco Live SOC, detailing efficient onboarding, incident escalation, and a real-world DDoS attack investigation and response.

2 min read

Splunk's coalesce function treats empty fields as non-null. Learn to use Splunk macros to convert empty strings to nulls for accurate data selection and reliable detections.

3 min read

Cisco Live SOC adapted Splunk ESCU detections for Cisco Secure Firewall syslog. Learn to modify macros and promote EVE events to incidents for enhanced threat visibility and response.

3 min read

Recap Cisco Live Melbourne SOC tours: See how Cisco XDR and Splunk Enterprise Security integrate for rapid threat containment, enhanced visibility, and analyst empowerment.

2 min read

Learn how Cisco XDR, Splunk, and Firewall were used at Cisco Live Melbourne to rapidly investigate and resolve a malicious traffic spike incident on attendee Wi-Fi.

2 min read

Learn how Cisco XDR integrates with StealthMole for real-time dark web threat intelligence, enabling SOC teams to rapidly identify and respond to compromised credentials.

3 min read

SOC teams need more evidence for deep investigations. Learn how Cisco XDR Forensics provides rich, interactive data to trace complex attacks and uncover malicious content.

3 min read

The segmentation journey starts with visibility, goes through identity context, policy and enforcement, ultimately returning to enhanced visibility.

4 min read

The 2025 Cisco Segmentation Report shows that the concept’s adaptability makes it a foundational cornerstone for modern enterprise security strategies.