Cisco XDR

Cisco Live Melbourne SOC Report

Posted on March 1, 2024March 1, 2024 by Admin

Executive Summary. 1 The Team… 2 Team Leaders. 2 Core Infrastructure and Threat Hunting. 2 Threat Hunting. 2 Build and Operation. 2 SOC Architecture. 2 Cisco Secure Access Enables ZTNA for SOC Admins. 4 Powering XDR with the Cisco Secure Portfolio. 6 Analyst Stories. 9 New Domain Investigations. 9 Mirai Botnet Attempts. 11 Log4j Attempts. 14 SERVER-WEBAPP LB-Link Multiple BLRouters command injection attempt (1:62009:1) Dinkar Sharma, Aditya Sankar 16 Threat hunting and Noise reduction in…

NIS2 compliance for industrial networks: Are you ready?

Posted on February 16, 2024February 16, 2024 by Admin

Since the European Union (EU) signed the second version of the Network and Information Security (NIS2) Directive in December 2022, there has been a real frenzy all around Europe about it. NIS2 is now on top of the priority lists of most European Chief Information Security Officers (CISO). But do you know what it is? And most importantly, should you be concerned? You probably have no choice but to comply with NIS2 The short answer…

Agniane Stealer: Information stealer targeting cryptocurrency users

Posted on February 16, 2024February 16, 2024 by Admin

The Agniane Stealer is an information-stealing malware mainly targeting the cryptocurrency wallets of its victims. It gained popularity on the internet starting in August 2023. Recently, we have observed a distinct campaign spreading it across our telemetry. Our recent study has led to the successful identification and detailed analysis of a previously unrecognized network URL pattern. Our researchers have recently uncovered more information on the malware’s methods for file collection and the intricacies of its…

Security and AI Innovation: Creating New Opportunities for Partner Growth

Posted on February 13, 2024February 13, 2024 by Admin

I’m on the heels of another incredible week of Cisco events—this time with our customers and partners at Cisco Live EMEA. My main takeaways for partners: we’re driving new security opportunities for you and simplified, effective security for all. Let’s dive into it a bit more. New Security and AI Advancements It really hit home for me when I heard Jeetu Patel on stage talking about how we’ve had more innovations in Cisco Security in…

Cisco User Protection Suite Provides MSSPs a Comprehensive and Compelling Package

Posted on February 2, 2024February 2, 2024 by Admin

In August 2023, I authored a blog on Cisco Secure Access, where I discussed the advantages of utilizing a comprehensive, single vendor, Security Service Edge (SSE) packages for both customers and Managed Security Services Providers (MSSPs). Since then, Cisco has launched three security-focused suites that address key customer use cases for the user, for the cloud, and for breach protection. In this blog, we’ll explore the Cisco User Protection Suite, specifically, to understand what it…

Black Hat Europe 2023 NOC: Threat Hunting

Posted on January 19, 2024January 19, 2024 by Admin

Cisco is a longtime partner of the Black Hat NOC and 2023 was our seventh year supporting Black Hat Europe. Cisco is the Official Mobile Device Management, Malware Analysis and DNS (Domain Name Service) Provider. We work with the other official providers to bring the hardware, software and engineers to build and secure the network, for our joint customer: Black Hat. Arista: Wired and Wireless Network Equipment Corelight: Network Analytics and Detection NetWitness: Threat Detection…

MSSPs: Differentiate your Managed Security Offerings with Cisco XDR

Posted on January 16, 2024January 16, 2024 by Admin

As an MSSP (Managed Security Service Provider), there is no overstating the intense and well-founded focus on pervasive network security. Whether an organization is looking to secure the network, endpoint, email, cloud, applications, identity, or anything in between, security professionals are overwhelmed with the sheer volume of tools, technologies, and security methodologies that need to be considered. This is only exacerbated by the increasing number of complex threats and techniques being employed by bad actors…

Cisco XDR: SLEDs “SOC in a Box”

Posted on December 13, 2023December 13, 2023 by Admin

For State, Local, and Education (both Higher Ed and K-12) (SLED) entities the Security Operations Center (SOC) is a required tool in the toolbox and a necessity for Cyber Insurance. Threats to data and information are ever evolving, and better safeguarding the security of SLED entities is a must. The cornerstone of a robust defense is the SOC. In this blog, we’ll explore how Cisco XDR simplifies and enhances the operations of SLED-focused SOCs, helping…

Introducing Cisco Breach Protection, Delivering Complete Detection and Response of MITRE ATT&CK TTP’s

Posted on November 8, 2023November 8, 2023 by Admin

Security Operations Centers (SOC) are responsible for detecting and responding to potential cyber threats in real-time. With the increasing complexity of cyberattacks, it’s important for SOC teams to have comprehensive coverage of MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) tactics, techniques, and procedures (TTPs). Today we’re discussing the importance of having comprehensive coverage of MITRE ATT&CK TTPs in security operations, and how Cisco technology can help to achieve this goal. Why MITRE ATT&CK TTPs…

« 1 2 3

Cisco Live Melbourne SOC Report

NIS2 compliance for industrial networks: Are you ready?

Agniane Stealer: Information stealer targeting cryptocurrency users

Security and AI Innovation: Creating New Opportunities for Partner Growth

Cisco User Protection Suite Provides MSSPs a Comprehensive and Compelling Package

Black Hat Europe 2023 NOC: Threat Hunting

MSSPs: Differentiate your Managed Security Offerings with Cisco XDR

Cisco XDR: SLEDs “SOC in a Box”

Introducing Cisco Breach Protection, Delivering Complete Detection and Response of MITRE ATT&CK TTP’s

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)