Category Archives: Cisco Live

Branch Security for the Digital Age

The market consideration and adoption of software-defined WAN represents the largest WAN transformation in recent history. Organizations are turning to SD-WAN to improve connectivity, reduce costs, and simplify management at their branch locations. In fact, a recent research study from the Enterprise Strategy Group (ESG)  found that 4 out of 5 organizations report using SD-WAN in some capacity already. Instead of backhauling all traffic through the corporate network, the research also indicated that 79 percent of organizations are shifting to direct internet access (DIA) for all or some remote and branch offices.*  With DIA, enterprises can accelerate their digital transformation with faster access to cloud applications and workloads. While the benefits are clear, this also introduces new security challenges.

The shift to SD-WAN creates new security challenges

Security has to be top of mind as you transform your network with SD-WAN and move to DIA. Branch offices and roaming users are more vulnerable to attacks, and attackers quickly exploit weaknesses. Based on the ESG research, 68 percent of branch offices and roaming users were the source of compromise in recent attacks. And as organizations move to more DIA, this becomes an even greater risk. Scaling security at every location often means more appliances to ship and manage, more policies to separately maintain, which translates into more money and resources needed.

But it doesn’t have to be that way. SD-WAN makes your networking simple and that’s the way that your security should be, too. You need security that can effectively scale across all locations, provide simple management, and enable you to easily add security services as needed.

Extend protection from the network to branch offices to roaming users with powerful cloud security

At Cisco, we want to make sure you have choices with your preferred security solution. Last November, we announced that we built a set of security capabilities into our SD-WAN devices to provide a complete on-prem solution. Now, we are delivering additional feature functionality to Umbrella, our market leading security cloud platform, to deliver a complete secure internet gateway (SIG) so you can secure your SD-WAN from the cloud. When it comes to protecting your SD-WAN, Cisco provides the flexibility you need whether on-prem, in the cloud, or both. Regardless of your deployment choice, we have you covered.

Built on top of the fastest and most reliable infrastructure, Umbrella provides simple deployment and management. In a single cloud platform, it unifies multiple layers of security—including DNS, secure web gateway, firewall, and cloud access security (CASB). It also acts as your secure onramp to the internet by offering secure internet access and controlled SaaS usage across all locations and roaming users. And we continue to deeply integrate Umbrella with Cisco SD-WAN to deliver ease of use that is unmatched across the industry.

As a leader in both networking and security, only Cisco can deliver a truly secure experience. We’re committed to offering security that is integrated into our network solutions, with simple configuration and unified policies that can be easily enforced across your entire enterprise, in every location, and anywhere users travel. As demonstrated by our expanding capabilities, we continue to make huge investments in our R&D to rapidly make our cloud security even stronger.

As you make the transition to SD-WAN and DIA, you can trust Cisco to bring together the best in SD-WAN with the most effective, most reliable, and simplest cloud security to protect it. This is just the start of the journey!

If you’re ready to learn more, visit And if you are attending Cisco Live U.S., stop by the Umbrella booth in the World of Solutions to get a demo.

*ESG Research Survey, Cisco Secure Internet Gateway Survey, January 2019

The post Branch Security for the Digital Age appeared first on Cisco Blog.

3 things you need to know about Cisco Threat Response at CLUS

Overwhelmed by the sheer volume of security alerts and potential threats hitting your SOC? Security risks have never been greater, with networks expanding into the cloud, the explosion of mobile and IoT devices, and increasingly sophisticated threats. On top of that, disparate security tools make it tougher to find and remediate threats, especially when you’re under attack and time matters most.

So how can you stay ahead of threats? Enter Cisco Threat Response, a tool that was created to help SOC analysts simplify and speed threat detection, investigation, and remediation from a single interface.

This week at Cisco Live, we’re excited to share continued innovations from Threat Response designed to make your life even easier.

1. Introducing our integration with Cisco Firepower NGFW

You may know that Threat Response is already integrated across multiple Cisco Security products – AMP for Endpoints, Threat Grid, Umbrella, and Email Security. In the coming weeks, you will be able to analyze and triage high priority IPS alerts in Threat Response and enrich these IPS events alongside data from other integrated products. This means  streamlined threat investigations with a fuller picture of the impact across your network, all from a single console.

Join us at Cisco Live to get a preview of this exciting integration. You can see a live NGFW demo at the Cisco Security booth in the World of Solutions. In the meantime, check out this new episode of ThreatWise TV that showcases how Firepower events are integrated into Threat Response.

2. Learn how to enhance your existing SIEM and SOAR tools with open APIs

Threat Response isn’t trying to replace the SIEM or SOAR you’ve already got; rather you can leverage our open APIs for 3rd-party integrations to complement your existing security stack. Script up your own integrations to automate data enrichment and response actions across multiple security products, all in a single interface for a seamless workflow.

At Cisco Live, get your learn on and get hands-on in the DevNet Zone:

  • DEVNET-2505– Automate your threat hunting workflow with Cisco Threat Response APIs – Presented by Christopher Van Der Made.
  • DEVWKS-2639– Security Research and Response Workflows with APIs – Workshop with Neil Patel.

3. Use our browser plug-ins to access threat intel and kick off investigations now

Still haven’t leveraged our APIs or you’re using non-Cisco security products?  Don’t worry, you can still use Cisco Threat Response thanks to our browser plug-ins for Chrome and Firefox. In seconds, you’ll be able to pull threat intelligence to get verdicts on observables and start investigations.

You can see the Threat Response browser plug-in in action in demos and breakout sessions at Cisco Live. We’ll show you how you can pull threat data from sources like Talos  and take actions without native integrations.

  • Demos across the Cisco Security booth in World of Solutions, such as Stealthwatch Cloud.
  • BRKSEC-2433– Threat hunting and incident response with Cisco Threat Response – Breakout session with Ben Greenbaum.

Additionally, you can check out Threat Response elsewhere on the ground in San Diego:

More integrated demos at the Cisco Security booth in World of Solutions

  • AMP for Endpoints
  • Email Security
  • Umbrella theater sessions: Umbrella Investigate, Umbrella and AMP for Endpoints

Hands-on Labs

  • LABSEC-1012– Threat intelligence, security investigation, incident response with Cisco Threat Response – Sunil Kumar and Vivek Singh
  • LTRSEC-2200– You Got Hacked! Here is What to Do (AMP4E, TG, Splunk, CTR, CTA)
  • – Karel Simek, Michal Svoboda, Ben Greenbaum


  • CCP-1302– Roadmap: Endpoint Security – Cisco Customer Connection Program session with Snehal Patel (CCP membership required – it’s free to join, sign up here)

Come see why there’s so much buzz around Threat Response at Cisco Live this week. Holler at me on Twitter @jolenetam if you’ll be around! Until then, learn more at


The post 3 things you need to know about Cisco Threat Response at CLUS appeared first on Cisco Blog.

The sights and sounds from the Talos Threat Research Summit

More than 250 threat hunters, network defenders and analysts gathered ahead of Cisco Live for the second annual Talos Threat Research Summit on Sunday.

The conference by defenders, for defenders, returned this year after the inaugural event in 2018 to San Diego, where speakers passed on their knowledge of writing detection, stopping phishing attacks responding to ransomware, and more.

Check out a complete recap of the conference over at the Talos blog.

The post The sights and sounds from the Talos Threat Research Summit appeared first on Cisco Blog.

Security Happenings at Cisco Live U.S.

Come learn from the best in threat defense

Throughout the year, you hear us talking about our innovative security strategy – about how integration, automation, and simplification make your security posture better. We highlight the need for a new approach to security in a multi-domain world. An approach that securely connects any user, on any device, on any network, to any application.

Next week is your chance to join us for interactive sessions, professional networking, and hands-on demos to find out where your security stands. Whether you discover that you’re on the right track, or that you have a long way to go, our security events at Cisco Live San Diego will provide valuable insight to take your security to the next level. And you will have some fun in the process!

Below are the major security activities happening at Cisco Live from June 9 – 13 at the San Diego Convention Center.

Captivating Keynotes

Don’t miss these Cisco keynotes to hear about our overall strategy and how security fits into the bigger picture:

You Make Possible | Monday, June 10 |  10:30 a.m. – 12:00 p.m.

Join Cisco CEO Chuck Robbins and engineering leader David Goeckeler as they share Cisco’s vision for the future and unveil new innovations that will transform our industry, your business, and our world.

Innovation Without Boundaries | Tuesday, June 11 | 10:30 a.m. – 12:00 p.m.

CEO Chuck Robbins, networking and security leader David Goeckeler, collaboration leader Amy Chang, and chief customer experience officer Maria Martinez will discuss our commitment to your success through our game-changing technology and an entirely new customer experience.

Simple, Secure, Digital Workplace with Cisco Meraki | Tuesday, June 11 | 2:00 – 2:30 p.m.

Today’s users demand next-generation, digital experiences within applications that are securely accessible from anywhere. This session, led by Meraki SVP and GM Todd Nightingale, will demonstrate Meraki’s innovative, data-driven approach to engineering, optimizing customer networks, prioritizing application traffic, and security.

What Is the Future of the Firewall? | Wednesday, June 12 | 11:30 a.m. – 12:00 p.m.

In the world we live in today, is the perimeter dead? Or do we actually need firewalls in more places than ever before? If so, how do we manage them all? Come see our SVP of security product management, Jeff Reed, to learn about the future of the firewall and see demos of Cisco Defense Orchestrator and Cisco Threat Response.

And make sure you stay for our closing keynote with Julia Louis-Dreyfus!

A Conversation with Julia Louis-Dreyfus | Thursday, June 13 | 3:00 – 4:00 p.m.

Much like the tech industry, the entertainment industry is rapidly changing. Join the star of the HBO hit series, Veep, as she humorously delivers insights and inspiration on how to remain relevant despite the chaos.

Click here for more details on these and other keynotes throughout the week.

Insightful Security Sessions

Today’s dynamic threat landscape demands a security strategy that focuses on the threat itself more than simply prevention. Cisco security solutions provide threat-centric protection that spans the entire attack continuum – before, during, and after an attack. And we cover you wherever threats get in – from edge to endpoint and beyond.

Cisco Security will present over 160 sessions at Cisco Live. Check out the Cisco Live security page to plan your schedule for the week. Our security sessions, labs, and technical seminars will help you take a holistic approach to security and stop more threats faster.

If you’re interested in these sessions, be sure to book them now. They fill up fast!

We know that 160+ sessions is a lot. See the end of this post for 10 recommended crowd pleasers!

World of Solutions

Don’t forget about the show floor as a treasure trove of valuable information and experiences. The World of Solutions is the energetic core of Cisco Live, where you’ll have the chance to learn about the latest innovations from Cisco and our partners, and connect in one amazing space.

Spend some time in the Cisco Showcase and Security Village to get up close and personal with Cisco and partner technologies. Attend expo sessions, see live demos across our security portfolio, network with your peers, and kick back a little. Also be sure to stop by the Duo Security area to learn about Cisco Zero Trust, charge up your devices, and zone out on some games.

The Park

Are you struggling with more remote users, more cloud apps than you can count, and network decentralization? Come see our Cisco Umbrella team at The Park to find out how they provide a first line of defense for securing users anywhere they access the Internet.

Meet the Expert/Engineer

Consistently rated as one of the highest value programs at Cisco Live, these meetings give you the opportunity to set the agenda for a 1:1 conversation with a Cisco expert. Visit the “Meet the Engineer” desk on site to schedule a personalized discussion focused on your unique questions and challenges.

Capture the Flag

Think you have what it takes to root out threats and protect the network? Check out Capture the Flag in the Sails Pavilion on the 2nd floor.

Cisco Live Celebration

If you need a break from all your learning, be sure to attend the infamous Cisco Live Celebration on Wednesday, featuring the Foo Fighters and Weezer!

What’s new?

While you’re at the show, keep an eye on our news page and social media for the major product announcements we’re making during the week. See something you like? You’ll be in the perfect place to ask questions and learn more. You’ll also find chances on our Cisco Security Facebook and Twitter pages to win great prizes like a Samsung 55″ 4K Smart TV and a Sonos Beam Soundbar.

Live Broadcast

Can’t make it to San Diego? You can still get your front row seat to Cisco Live by tuning into the live broadcast.

10 Recommended Security Sessions

Make sure you review the full agenda of security sessions to choose what’s right for you. But if you don’t know where to start, here are some suggestions:

Talos Insights: The State of Cyber Security | Monday, June 10 | 1:00 – 2:30 p.m.

Cisco’s Talos team specializes in early-warning intelligence and threat analysis for maintaining a secure network. In this talk, we will perform deep analysis of recent threats and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.

Converge or Die: Security Products and Services | Tuesday, June 11 | 9:30 – 10:30 a.m.

Products and services are converging. Attend this session and walk away with the knowledge you need to approach today’s dynamic threat landscape with confidence.

Cisco SD-WAN Security from the WAN to Cloud Edge | Wednesday, June 12 | 8:00 – 9:00 a.m.

WAN transformation increases your exposure to a range of internal and external threats that were previously handled by your data center security. We’ll learn more about these threats and why a combination of on-premises and cloud security is a must-have for your IT team.

Endpoint Security, Your Last Line of Defense | Wednesday, June 12 | 1:00 – 3:00 p.m.

With the proliferation of advanced malware, and the endpoint being the target of the vast majority of attacks, security on the endpoint is more important now than ever. This session will dive into the arsenal of Cisco endpoint security products.

Behind the Perimeter: Fighting Advanced Attackers | Wednesday, June 12 | 4:00 – 5:30 p.m.

Unlike defending against automated and predictable infections that we see every day, dealing with advanced adversaries can be a painful experience. Our goal is to derive a series of principles that make such attacks expensive to mount, maintain, and cover.

Demystifying Zero Trust – What does it really mean? How do you achieve it with Cisco and Duo Security? | Thursday, June 13 | 8:00 – 10:00 a.m.

In this intermediate-level session, we will provide clarity into how to go from “zero” to “hero” when it comes to deploying Zero Trust in your environment.

Protecting Your Office 365 Environment: Leverage the Firepower API, Cisco Cloud Email Security, and more | Thursday, June 13 | 8:00 – 10:00 a.m.

Office 365 has become a popular choice to consume Microsoft’s email, voice, and file sharing applications. Due to changes in the consumption of applications, we need to think differently about how to secure our networks, endpoints, and users.

Workload Security and Visibility | Thursday, June 13 | 9:30 – 10:30 a.m.

Modern applications no longer just reside within a company’s physical data center, but are also deployed across a multi-cloud environment. As a result, customers must now rethink their approach to data center security and workload protection as the available attack surface and opportunity for data theft has expanded.

Risky Business: Help Reduce Risk by Gaining Visibility and Control of Cloud App Usage | Thursday, June 13 | 1:00 – 2:30 p.m.

In this session, we’ll address the security risks involved with cloud app usage and how you can gain full visibility and control of cloud applications in your environment using Cisco Umbrella.

The Future of Security Analytics | Thursday, June 13 | 1:00 – 2:30 p.m.

What does it mean to deliver superior security analytics? Join Cisco Distinguished Engineer TK Keanini to explore security analytics in its entirety: reviewing new forms of telemetry, analytical techniques, and the mistakes and shortcomings of the past so that we don’t make them again in the future.

See you next week at #CLUS!

Subscribe to our Cisco Live blog series to stay updated on everything happening at Cisco Live 2019.

The post Security Happenings at Cisco Live U.S. appeared first on Cisco Blog.

Cisco Security & Trust at Cisco Live US

At Cisco, cybersecurity is our top priority; from product development, to operations, to data protection and privacy, we are embedding security everywhere. Our journey starts with protecting the Cisco enterprise. We invite you to learn more about how we securely enable business for our customers, partners, and ourselves at Cisco Live US, taking place June 9th through the 13th in San Diego, CA.

The sessions listed below will help participants to build a more secure network foundation for their enterprise. Specific topics to be covered include, among others

  • Trustworthy solutions
  • Security analytics
  • Threat intelligence
  • Cloud security
  • Endpoint protection
  • Secure access
  • Data protection and privacy
  • Privacy engineering

Attacks on Network Infrastructure: Protecting Network Integrity with Cisco Trustworthy Tech David Lapier, Sr. Technical Leader of Software Engineering | Monday, June 10th, 1-2 PM

Understanding Encrypted Traffic Using Joy for Monitoring and Forensics Bill Hudson, Sr. Technical Leader of Software Engineering | Tuesday, June 11th, 3-3:45 PM

Securely Enabling Your Organization Steve Martino, Chief Information Security Officer | Wednesday, June 12th, 11-11:40 AM

Inside Cisco IT: How to Move to the Cloud David Jones, Information Technology Architect & Jason Freeth, Information Security Architect | Wednesday, June 12th, 4-5:30 PM

Privacy by Design Lisa Bobbitt, Data Privacy Architect, Jonathan Fox, Data Privacy Director, & Mike Tibodeau, Data Protection & Privacy Operations Manager | Thursday, June 13th, 9:30-11:30 AM

Join us for world-class technical and cybersecurity training and enjoy the fun social activities in store.

The post Cisco Security & Trust at Cisco Live US appeared first on Cisco Blog.