Cisco XDR helps quickly detect advanced cyberthreats and automate response
With unique visibility across the network and endpoints, Cisco XDR (Extended Detection and Response) simplifies security operations and prioritizes and remediates incidents more efficiently.
San Francisco (RSA Conference), April 25, 2023 – At the RSA event, Cisco presented its new Extended Detection and Response (XDR) solution and advanced features for Duo MFA (access management through multifactor authentication).
The new features will help organizations better protect the integrity of their entire IT ecosystem, and are part of Cisco Security Cloud, a unified, multi-environment, AI-powered security platform.
Threat Detection and Response, Cisco XDR
Cisco’s XDR strategy combines its strong expertise and visibility across the network and endpoints into a risk-based solution. Cisco XDR, currently in beta and available in July 2023, simplifies incident investigation and enables security operations centers (SOCs) to immediately mitigate threats.
The cloud-native solution applies analytics to prioritize detections and shifts the focus from endless investigations to solving the most urgent incidents through evidence-based automation.
“The cyber threat landscape is increasingly complex. Detection without response is insufficient, while response without detection is impossible. With Cisco XDR, security teams can respond to and remediate threats before they have a chance to cause significant damage,” highlights Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco.
While traditional Security Information and Event Management (SIEM) technology analyzes log-based data and measures results in days, Cisco XDR focuses on telemetry data and delivers results in minutes. It natively analyzes and correlates the six telemetry sources that SOCs consider critical in an XDR solution: endpoints, network, firewall, email, identity and DNS.
With the launch of Cisco XDR, SOLUTEL offers the detection and response service as a managed solution.
If something is unseen, it’s harder to detect and respond quickly! XDR provides that complete and consolidated view of your security posture, enabling you to respond to threats quickly and effectively.
It represents an evolution of security in the hybrid, multi-vendor, multi-threat environment in which we find ourselves. Solutel, as a technology partner with more than 26 years of experience in the networking and security sector, presents its customers with security solutions to help them achieve their business objectives, protecting their company’s production, both at IT and OT level.
Cisco XDR integrates with other third-party vendors
In addition to Cisco’s native telemetry, the Cisco XDR solution integrates with other third-party vendors to share data, extend interoperability and deliver consistent results regardless of manufacturer or technology. The initial set of out-of-the-box integrations includes:
- Endpoint Detection and Response (EDR): CrowdStrike Falcon Insight XDR, Endpoint Detection and Response, Microsoft Defender for Endpoint, Palo Alto Networks Cortex XDR, Trend Micro Vision One and SentinelOne Singularity.
- Defense against email threats: Microsoft Defender for Office and Proofpoint Email Protection.
- Next-Generation Firewall (NGFW): Check Point Quantum, Palo Alto Networks Next-Generation Firewall.
- Network Detection and Response (NDR): Darktrace DETECT™, Darktrace RESPOND™, ExtraHop Reveal(x).
- Security Information and Event Management (SIEM): Microsoft Sentinel.
Zero trust and access management
As attackers exploit potential flaws in weaker multi-factor authentication (MFA) implementations, enterprises need to rely on three key pillars for their access management strategy: enforcing strong authentication, verifying devices and reducing the number of passwords in use.
As of May 1, 2023, Cisco will include advanced functionalities in all commercial editions of Duo, its multifactor access management solution. By integrating Trusted Endpoints in Duo along with the capabilities of Single Sign On, MFA, Passwordless and Verified Push, only registered or managed devices are allowed to access corporate resources. And Cisco’s entry-level Duo Essentials Edition is the most secure, cost-effective and easy-to-use access management solution on the market.
As Patel says, “Cisco continues to ensure that if the user is connected, they are also protected. We are uniquely positioned to offer integrated solutions that simplify the security of today’s increasingly complex multi-cloud hybrid environments, without compromising the user experience.”