
In today’s interconnected world, where cyber threats are evolving at an alarming rate, cybersecurity has become a paramount concern for individuals, businesses, and governments alike. The landscape of attacks is constantly shifting, requiring innovative solutions to protect sensitive data and digital infrastructure. One approach that has gained significant traction is the integration of cybersecurity products with cutting-edge technologies.

Cybersecurity product technology integrations that are based on Open Ecosystems can significantly enhance threat detection and prevention capabilities. By combining multiple security solutions, organizations can create a comprehensive defense mechanism that leverages the strengths of each individual product. Such integrations enable organizations to identify and mitigate vulnerabilities more effectively, thereby reducing the risk of successful cyberattacks.

Collaboration among cybersecurity products through integrations creates a synergistic defense approach. By sharing threat intelligence, data, and analysis, integrated solutions can identify patterns and correlations that might otherwise go unnoticed. For example, integrating endpoint protection with a threat intelligence platform allows for real-time information exchange, enabling faster detection of emerging threats and the deployment of necessary countermeasures across the network. By embracing Open cybersecurity product integrations, organizations can establish a robust cybersecurity ecosystem that safeguards critical assets and upholds the integrity of our digital world.

Cisco is committed to Open Ecosystems with a framework for third parties to plug into. All of Cisco’s new security and networking products have exposed APIs for multi-vendor product integrations. Our DevNet program is aimed at helping both developers and infrastructure professionals to harness the power of our APIs. The integrations can also include vendors we compete with, because collectively we can work together to strengthen our defenses and defeat our real adversaries.

It’s been an exciting fiscal year for Cisco Secure with the launch of Cisco XDR and Cisco Secure Access. Our Open ecosystem integrations with 3rd parties through the Cisco Secure Technical Alliance (CSTA) continued to grow and thrive. In this annual round-up we have added over 30 new integrations, taking our integrations count to over 500. Congratulations to the new partners and to those that augmented their existing integrations. To see more details on each partner integration in this announcement, please read through the individual partner highlights below.

Happy Integrating.


More details about our partners and their integrations:

[1] New Cisco XDR Integrations

Endpoint Detection and Response

We announced integrations with five leading EDRs with Cisco XDR reaching General Availability. These include CrowdStrike Falcon Insight XDR, SentinelOne Singularity, Microsoft Defender for Endpoint, Trend Micro Vision One, Cybereason Endpoint Detection and Response, and Palo Alto Cortex XDR. Read more here.

Cohesity – XDR Ransomware Recovery

Once they’re affected by a ransomware attack, companies today are faced with a tough choice, either pay the ransom or hope they can restore from backup. But even then, the chance that the backups are too far out-of-date, or worse, corrupted, makes these situations expensive and frustrating. Cisco XDR has eliminated the need for companies to make that difficult choice by partnering with infrastructure and enterprise data backup and recovery vendors, like Cohesity, to reduce the amount of time between a ransomware outbreak, and a snapshot of the business-critical information, to near-zero. Read more here.

Cisco Secure Web Application Firewall (Radware WAF) 

Radware has collaborated with Cisco to bring visibility into Radware’s Cloud WAF platform within SecureX. This integration enables visibility into Radware Cloud WAF within the Cisco SecureX platform, which is designed to provide a single interface for administrators and operators to perform threat hunting, research, and automation across their install base. New capabilities include support for IPv6 and Command Center widgets (dashboard tiles). Read more here.

[2] New Cisco Secure Endpoint Integrations  

D3 Security SOAR

The Secure Endpoint integration with D3 Security SOAR enables automation of essential tasks, including: Add/remove file from block list by Hash, intake events, create Group, Isolate/Un-isolate Computer, and more. Read more here. 

eSecure SecureVisio

eSecure SecureVisio integrates with Secure Endpoint to automate response to threat detection, including: Check user activity, find machines where application is detected, Host isolation / remove from isolation. Read more here.

Splunk

The Secure Endpoint app is now cloud ready and Splunk v9.0 compliant! Version 3.0 is available on Splunkbase. Read more here.

[3] New Cisco Cloud Security Integrations

Conceal.io

Conceal has integrated with Cisco Umbrella, allowing our joint customers to bring Cisco’s protection to every web interaction. Conceal delivers on-demand browser isolation for unknown or suspicious web content, extending the security and detection capabilities of the Umbrella platform regardless of where the web call comes from: application, mail, chat or browser. Customers connect our solutions by entering their integration details into the Conceal Platform, allowing isolated browsing sessions to honor existing Cisco policy configurations. Read more here.

SaasYaan

SaasYaan provides AI-powered online student safety for K-12 schools, enabling schools with advanced alerting of cyberbullying, self-harm, online grooming & threats of violence, easy reporting of student online activities, and flexible cybersecurity controls for the classroom. With Cisco Umbrella and SaasYaan, school administrators can easily monitor student activity by analyzing our DNS within SaasYaan’s data lake, taking blocking action when necessary. Read more here.

KnowBe4

KnowBe4’s SecurityCoach is the first real-time security coaching product created to help IT and Security Operations teams further protect their organization’s largest attack surface — their employees. SecurityCoach integrates with KnowBe4’s new-school security awareness training platform and Cisco Umbrella to deliver immediate feedback to users at the moment risky behavior occurs. Read more here.

Elevate Security

Elevate Security now brings context from Cisco Umbrella to its platform that authenticates the risk of users most likely to cause a security breach. It puts together Umbrella’s unique insight with other leading security technologies to make nuanced, risk-based decisions at identity management providers and other enforcement points to minimize the likelihood of an incident. Read more here.

[4] New Cisco Firepower Next-Gen Firewall Integrations

Lumu Technologies

Lumu joins CSTA as a new partner. Lumu detects threats and makes automatic policy changes to Secure Firewall to protect the enterprise. Cisco Firepower and Lumu enable efficient cybersecurity operations through an integrated solution for network detection and response. Read more here.

Amazon Security Lake

The Cisco Secure Firewall Management Center integration with the AWS Security Lake cloud-based data lake enables you to store firewall logs in the Open Cybersecurity Schema Framework. Read more here.

Network-Perception

With a focus on OT environments and compliance, Network-Perception automatically retrieves configuration from Secure Firewall and Secure Firewall ASA to identify potential configuration risks and vulnerabilities, alert key users of potential risk situations in near-real-time and have Network Engineers review an interactive visual representation of the network topology for cyber risks. Read more here.

Profitap

Using Profitap’s Network Packet Brokering appliances, Secure Firewall customers can gain visibility into more network traffic without disrupting the network. Profitap provides network bypass, allowing the firewall appliance to be removed from the network without downtime, and traffic continues in the event of a hardware failure. Customers also benefit from packet de-duplication, tunneling and de-tunneling, packet slicing, aggregation, load-balancing, replication and more. Read more here.

CrowdStrike Falcon XDR

CrowdStrike Falcon XDR data ingestion from Cisco ASA helps monitor network threats continuously in real time. Read more here.

[5] New Secure Malware Analytics Integrations

D3 Security SOAR

The Secure Malware Analytics integration with D3 Security enables automation of essential tasks, including: detonate file, get threat summary, get Behavioral Indicators, check IP/URL reputation. Read more here.

Corelight

This integration enables Corelight to send files extracted from network streams to Secure Malware Analytics for analysis. The integration was used effectively in the Black Hat USA NOC. Read more here.

[6] New Cisco Duo Integrations

Datawiza

Datawiza provides a new cloud-native access proxy to enable SSO, MFA and granular access control for applications and APIs. Datawiza + Duo provides secure access for self-hosted applications that don’t support SAML or OAuth with easy, no code development. These applications include critical homegrown applications and 3rd-party business applications, like Oracle JD Edwards (JDE), PeopleSoft, E-Business Suite (EBS) and Siebel. Read more here.

Revelstoke

Revelstoke is a radically simple security orchestration, automation and response (SOAR) platform that empowers analysts with effortless automation and provides CISOs with comprehensive insight so the entire SOC team can work faster, smarter and more efficiently to defend their networks. Revelstoke + Duo speeds up the amount of time it takes to be notified of a security event and provides contextual UEBA to understand behavior patterns. Read more here.

Cohesity

Cohesity delivers a multi-cloud platform for data management services designed to consolidate silos onto one web-scale platform, spanning on-premises, cloud, and the edge. Duo + Cohesity integration lets organizations easily provide secure access to Cohesity with Duo SSO, ensuring only verified users on verified devices are accessing Cohesity’s data management platform. Read more here.

Bigtincan

Bigtincan provides a platform for organizations to empower customer-facing teams to increase engagement and gain more revenue. Bigtincan’s integration with Duo SSO makes it easy for employees to log in to their portal and manage their customer tracking. Read more here.

Arctic Wolf

Arctic Wolf provides security monitoring to detect and respond to cyber threats. Arctic Wolf’s integration with Duo allows them to ingest and monitor logs from Duo, making it easy for teams to bring all their security products together for comprehensive monitoring. Read more here.

ServiceNow

Add two-factor authentication and flexible security policies to ServiceNow SAML 2.0 logins with Duo Single-Sign On. Our cloud-hosted SSO identity provider offers inline user enrollment, self-service device management, and support for a variety of authentication methods. Read more here.

Panther

We have two integrations with the cloud-based SIEM, Panther: Duo SSO for Panther for secure access, Universal Prompt, Passwordless…all the goodness, and Duo log ingestion to analyze user access, monitor unexpected behavior and identify suspicious visits from offline devices. Read more here.

Inuvika

Customers that utilize Inuvika OVD Enterprise can now use Duo to provide secure access to their Linux and Windows applications and desktops no matter what device they are on. This integration was built with Duo’s APIs. Read more here.

Rapid7

Protect access to Rapid7 with Duo SSO and give organizations the opportunity to go passwordless and utilize Duo’s flexible security policies. Read more here.

Pathlock

Pathlock (formerly Appsian, formerly Greyheller) has updated their Duo integration to support the Duo Universal Prompt. Customers can utilize the new integration today to protect access to PeopleSoft. Read more here.

[7] New Cisco Secure Email Gateway Integrations

CrowdStrike Falcon XDR

CrowdStrike Falcon XDR data ingestion from Cisco Secure Email Gateway helps monitor email threats continuously in real time with threat prioritization. Read more here.





Authors

Brian Gonsalves

Senior Manager, Product Management & Business Development

Security Business Group