Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated Cisco Security products automatically so you know instantly which of your systems was targeted and how.
N/A
VirusTotal
Score 9.6 out of 10
N/A
Chronicle, a security company supported by Alphabet (Google), offers VirusTotal, a malware scanning and threat intelligence service.
It's well suited with any security operation center. So if someone is doing anything with security, whether it be firewalling, endpoint security whether it be email security, it's certainly suited to any type of security that can roll up security events. So this is a single pane of glass where you can view all your security events. So what it's doing is it's taking all your security silos that have historically been very difficult to manage and it's rolling everything up into one dashboard, so it makes it much easier to manage.
VirusTotal is good for ad-hoc analysis of suspicious files, but it's not a replacement for an anti-virus / anti-malware or EDR solution. It's a good way to confirm if suspicious activity is actually malicious or benign.
So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.
Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.
A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
It is a solution that is of great help to reduce threats and their powerful damage, thanks to its high threat identification.
Its workflow automation saves time and money, that is, it makes possible a better performance in the team that handles corporate security because it helps them with the tasks.
By unifying security solutions, it gives the advantage of reducing operating costs and greatly improving responses to threats.
Their analyzes are vital to carry out a quick remediation and thus reduce the time in which the company is under threat.