Cisco Umbrella Investigate: Investigate attacks like never before
Attackers are already pivoting through your infrastructure. What if you could pivot through theirs?
Cisco Umbrella Investigate
Umbrella Investigate gives the most complete view of the relationships and evolution of internet domains, IPs, and files — helping to pinpoint attackers’ infrastructures and predict future threats. No other vendor offers the same level of interactive threat intelligence — exposing current and developing threats. Umbrella delivers the context you need for faster incident investigation and response.
1. Risk score
Access reliable threat scoring with rich visibility into what contributes to the score so you can triage faster.
2. DNS request patterns
See up-to-the minute views of DNS requests to a particular domain. A sudden spike in traffic may indicate malicious activity.
3. Passive DNS
Get deeper context on the domain with a snapshot of key events and tagged security categories for the past 5 years.
How Avanade uses Investigate for security and business decisions
Investigate is a swiss army knife of trying to understand endpoints on the internet. By using Investigate, it gives us that insight into why that’s happening, and how do we make the right business decision. Because blocking something is a business decision, it’s not always a technology decision.
Executive – ITS Enterprise Services, Avanade
The Investigate Advantage
Access our realtime threat intelligence to:
Proactively protect users
Uncover attacker infrastructure and stop attacks before they launch
Better prioritize incidents
Identify what alerts need additional investigation
Gain greater context for faster decision making and remediation
Intelligence that stacks up
Umbrella stops attacks from getting to your network or endpoints. Statistical and machine learning models combined with intelligence from Cisco Talos web reputation, Cisco Advanced Malware Protection (AMP) file reputation and AV engines for the most complete view of the relationships and evolution of internet domains, IPs, and malware. Easily enrich investigations with third-party integrations to amplify existing investment and…
72% of customers reduced investigation time by 50% or more with Cisco Umbrella Investigate.
More than half of Umbrella respondents saw a reduction in malware infections by 75% or more
Leveraging Investigate for efficient incident response and predictive security
Before we used the Investigate API in our incident response process, it might have taken our incident responders many hours, or even days, to respond to an incident. Now we’ve automated much of that process, so we can get it down to a very quick and efficient few minutes.
Head of Security, Yelp