The benefits of a wide and open integration ecosystem

The open integration approach to extended detection and response (XDR) empowers organizations to use the full potential of their security ecosystems. This open approach gives security analysts the agility to use the best tools and access the best information to protect their particular environment. This not only increases the efficiency of the team, but also the speed at which they can respond to potential threats and reduce dwell time. Cisco XDR stands out in this arena by offering unrivaled integration capabilities, not only with Cisco solutions but also with a wide range of third-party tools. This is not a one-and-done effort: it takes constant planning and implementation from the management and development teams to add new integrations and enhance existing ones.

To date, we have seen strong demand for this approach, and more than 900 organizations around the world now use Cisco XDR to protect the integrity of their IT infrastructure. The reason for this broad appeal is that we meet security practitioners where they are, allowing them to get maximum value from the people and tools they already have. That capability rests on our ability to work with those tools regardless of vendor.

Over the past six months, Cisco XDR has added or significantly enhanced 21 integrations with Cisco products and ten different third-party technology partners, sharing telemetry and security detections and increasing interoperability to deliver strong results in minutes.

The new integrations span endpoint detection and response (EDR), email defense, network detection and response (NDR), next-generation firewall (NGFW) and security information and event management (SIEM), the basic tools of security operations center (SOC) teams. They also include other key security and collaboration tools that give security operators and incident responders deeper insight, while increasing team efficiency and shortening dwell time. The capabilities that these integrations supply to Cisco XDR include:

  • Incident detection – If a tool captures system or network telemetry, or detects security-related activities or events, Cisco XDR can ingest this information into a data set for analysis or fold these detections into a combined view of the impact on the customer, so the threat can be neutralized using the full Cisco XDR incident capabilities.
  • Security controls and response – If a tool manages access to systems, networks, data or other organizational assets, Cisco XDR lets analysts and operators use those capabilities to protect these assets from known and unknown threats, both reactively and proactively (e.g., by clicking a button in Cisco XDR).
  • Threat investigations – If a tool has information about artifacts, whether obtained from the customer's environment (e.g., DNS logs showing communication with a known C&C) or from threat intelligence tools such as a malware or botnet quarantine (e.g., details of the malware), Cisco XDR can ingest this information. This can be decisive for an organization that needs to stay informed about current and potential future threats in ways that are meaningful for optimal defense.
  • Collaboration – If a team is already using one of the leading collaboration tools, Cisco XDR can connect to or even create channels to publish new or updated incidents, and even accept commands and present results through these channels.
  • Automation – All of the above security outcomes, and others, can be driven by Cisco XDR in automated and semi-automated ways to achieve faster response times for different threats and conditions.

All of these critical functions are performed by every SOC. Cisco XDR helps these teams make better use of the tools that control these functions by providing a common framework from which the specific contributions of each product can be used. The more tools our customers can use in this framework, the better and faster their performance will be.

Open > native

For this reason, since its inception, Cisco XDR has followed the philosophy of open XDR or, to be more accurate, hybrid XDR. With Cisco's wide portfolio of top-tier security tools, we could have taken the native XDR route and required customers to buy a Cisco stack to get reasonable XDR results. However, that is not in the best interest of customers who pursue best-of-breed tools or vendor diversity, or who are in the process of migrating to the Cisco security suite but want the benefits of XDR now.

Cisco XDR has open and documented protocols based on industry standards, and open and documented RESTful APIs, with API prototyping tools built into the product. Our goal is not only to offer a wide range of out-of-the-box integrations, but also to allow our partners and customers to easily add their own integrations, build their own products and even create custom XDR tools.

Speed up with high confidence

For this reason, last year we introduced a Cisco program for proven integrations. These integrations are written by Cisco partners to bring their products into the Cisco XDR ecosystem, and are checked by the Cisco XDR engineering and quality assurance teams before release. Details of authorship can be seen on the Administration/Integration page.

The latest list of new or upgraded Cisco XDR integrations, driven in part by the efficiency these capabilities enable, includes some integrations written by Cisco and some written by our partners. Deliveries in the first half of Cisco's fiscal year (August 2024 to January 2025) include:

  • Application, identity and device management: Cisco Secure Access, Jamf Pro, Microsoft Intune
  • Cloud detection and response: Cisco Secure DDoS Protection, Cisco Secure WAF
  • EDR: SentinelOne Singularity
  • Email security: Microsoft Defender for Office365
  • Enterprise backup: Brush
  • IT Service Management (ITSM): ServiceNow
  • NDR: Cisco Secure Network Analytics, NetScout Omnis Cyber Intelligence (OCI)
  • NGFW: Cisco Meraki MX, Palo Alto Networks
  • SIEM: Cisco joking cloud
  • Vulnerability management: Cisco Vulnerability Management (CVM) – formerly Kenna
  • Other: Endation, our first integration with a packet capture product

Stay tuned for future announcements of more integrations, including from safe security and many more!

For more information about the current list of supported integrations, see Cisco XDR integrations.

If your cybersecurity company would like to build an integration with Cisco XDR, contact the Alliance team at partnership-csta@cisco.com.

