
SecureX threat response Turnkey Integrations

Jun 16, 2021 by iHash


SecureX turns one year old next month. It has been quite a journey from the first announcement at RSA Conference 2020, when there was one 3rd party integration (VirusTotal), to the release of SecureX in the summer of 2020 with a large ecosystem. When SecureX was launched, we had several turnkey partner integrations, like the Splunk add-on and QRadar extension. However, for all other SecureX threat response 3rd party modules, there was a requirement to deploy code from GitHub to a relay server (self-hosted by the user or in a cloud, like AWS) so the APIs could communicate with each other and translate the threat intelligence.

Now, all Cisco-supported integrations in SecureX are turnkey/out-of-the-box. No configuration is required; just enter your API key. For those who would like to host their own integrations, tinker/hack around some code and/or build their own integrations, we continue to post the code to GitHub for educational purposes. The training and documentation resources of DevNet remain available. Cisco Secure is committed to an open and robust ecosystem, as explored in the ESG Showcase paper.

SecureX Integration Modules

Nearly a dozen free/community security technology integrations are included, with details on how to set up your own free account.

urlscan.io – Add New Module

Then just paste in the API key and click Save.

urlscan.io – API Key

In just a few moments, you will have the new integration available to you in an investigation, with critical context visualized, such as related malicious URLs and hash values, and whether your network is affected (if you have Target information from Cisco Secure Endpoint, Secure Firewall or other target sources).

urlscan – IP Address

From there, you will be able to take immediate response action, such as blocking an IP address on your firewall.

Response Action

In case you missed it, here are some of the latest integrations with SecureX:

Table of Contents

  • Splunk CESA
  • IBM X-Force Exchange
  • Bastille Networks
  • Vade Secure IsItPhishing
  • Palo Alto Networks AutoFocus
  • Sixgill Darkfeed

Splunk CESA

Cisco Endpoint Security Analytics (CESA) delivers Cisco AnyConnect endpoint data to prebuilt Splunk analytics and dashboards. This add-on enables SecureX threat response investigations to access telemetry that has been generated by the AnyConnect Network Visibility Module. Supported observable types include IPv4 addresses, IPv6 addresses, domains, file names and SHA256 file hashes. The extension for Splunk is also available for download.

IBM X-Force Exchange

The IBM X-Force Exchange integration in SecureX enables an investigator to query X-Force Exchange for observables (IP, IPv6, Domain, URL, MD5, SHA1, SHA256) and return verdicts to SecureX threat response, based on the Risk Score. Be sure to view our demo video of IBM QRadar – SecureX – IBM X-Force Exchange for additional information.

Bastille Networks

Radio frequency (RF) network and device data collected by Bastille Networks are available in SecureX threat response as an integrated source. Data includes:

  • RF Device location information
  • RF Device packet information
  • RF Network connectivity

Data is available on a number of RF protocols including Cellular, Bluetooth, Bluetooth Low Energy, Wi-Fi, and IEEE 802.15.4. RF information can be cross-referenced back to an endpoint on your network using the SecureX Threat Response Bastille integration.

Vade Secure IsItPhishing

Vade Secure’s IsItPhishing API provides a quick way to look up a URL to determine if it is phishing. A SecureX threat response user initiates an investigation via the UI or API, and the module returns a Judgement and Verdict. More details are available.

Palo Alto Networks AutoFocus

SecureX threat response queries Palo Alto Networks AutoFocus for Sightings, Targets, and Judgements as well as any observable relations (such as name of SHA256, IP hosting a domain, etc.). The investigator has the ability to pivot into AutoFocus for additional context. Take a look at our GitHub page for more information.

Sixgill Darkfeed

Block threats and enrich endpoint protection in real time, straight from the SecureX dashboard with Darkfeed. Powered by Sixgill’s unparalleled deep and dark web automated collection, SecureX users can now:

1. Automatically enrich IOCs from Cisco SecureX (machine-to-machine)
2. Gain unparalleled context with essential explanations of IOCs (hash/url/domain)
3. Enhance Cisco SecureX with seamless integration of real-time contextual data from the most comprehensive coverage of deep and dark underground sources
4. Proactively analyze and investigate new malware threats as they emerge
5. Get actionable insights to effectively mitigate threats and better understand malware TTPs and trends
6. Easily & intuitively visualize your threat map

As the SecureX ecosystem turns one year old, look for more integrations to be released this summer. If you have a favorite security tool that is not currently integrated in SecureX, encourage them to check out the resources on DevNet and GitHub, and then drop us a note. The Cisco Secure Technical Alliance is comprised of 200+ companies / 350+ integrations, growing and open to those security companies who are working to solve problems and help build a more secure and inclusive future for all.

