Integrating Your Appliance with Cisco SecureX or Cisco Threat Response

Cisco SecureX is a security platform embedded with every Cisco security product. It is cloud-native with no new technology to deploy. Cisco SecureX simplifies the demands of threat protection by providing a platform that unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications. By connecting technology in an integrated platform, Cisco SecureX delivers measurable insights, desirable outcomes, and unparalleled cross-team collaboration. Cisco SecureX enables you to expand your capabilities by connecting your security infrastructure.

Cisco Threat Response is a threat incident response orchestration hub that supports and automates integrations across multiple Cisco Security products. As a key pillar of the Cisco integrated security architecture, Threat Response accelerates key security operations functions: detection, investigation, and remediation.

Integrating the Appliance with Cisco SecureX or Cisco Threat Response contains the following sections:

• How to Integrate Your Appliance with Cisco SecureX or Cisco Threat Response

• Performing Threat Analysis using Cisco SecureX Ribbon

You can integrate your appliance with Cisco SecureX or Cisco Threat Response, and perform the following actions in Cisco SecureX or Cisco Threat Response:

• View and send the email data from multiple appliances in your organization.

• Identify, investigate and remediate threats observed in the email reports, sender and target relationships, search for multiple email addresses and subject lines and message tracking.

• Block compromised users or users violating outgoing email policies.

• Resolve the identified threats rapidly and provide recommended actions to take against the identified threats.

• Document the threats to save the investigation and enable collaboration of information among other devices.

• Block malicious domains, track suspicious observances, initiate an approval workflow or to create an IT ticket to update email policy.

You can access Cisco SecureX using the following URL:

https://securex.us.security.cisco.com/login

Cisco Security Management Appliance (SMA) centralizes management and reporting functions across multiple Cisco email security appliances. For more information on observables that can be enriched by the SMA Email module, go to https://securex.us.security.cisco.com/settings/modules/available, navigate to the module to integrate with Cisco SecureX, and click Learn More.