incident response

Your business invests in all the latest security technologies. You run training. You meet your compliance requirements for scans and tests. You can stand up in front of the board and say with confidence “we’ve got this covered.” But are you as prepared as you think? New research from ESG sheds new light on threat […]

Cisco’s new EDR capabilities perform complex queries across all endpoints for forensic information and malware artifacts to simplify and accelerate threat hunting, incident investigations, remediation, and vulnerability and compliance assessments.

To reduce security complexities, accelerate cloud adoption and provide breach defense everywhere, Cisco created a comprehensive platform approach and introduces a series of innovations across its security portfolio.

As security practitioners who continuously look for adversarial malice, one of the questions we are asked frequently is: What’s around the corner?

With Cisco Threat Response, customers receive a powerful solution that can streamline and simplify detection, investigation, and remediation of threats. All of this can be accessed from a very easy, powerful tool in the new browser plugin (for Chrome and Firefox).

At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk....

Defending against breaches today requires modern defenses, and technology that simplifies your security operations. That’s why we’ve brought Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) capabilities together in a single cloud-delivered solution called Cisco® Advanced Malware Protection (AMP) for Endpoints. It is relentless at stopping breaches and blocking malware, then rapidly detects, contains, and remediates advanced threats that evade front-line defenses.

Those of us who have been in security for more than 20 years are very familiar with the assertion that security is a process. For me, security has always been...

These blue team actions should be performed on top of any specific remedial actions that are carried out to resolve specific issues.