In the infosec world, it’s well established that time is a precious commodity. Time to detection and time to resolution are critical concepts that can mean the difference between a minor incident and making the news. In order to be effective, security teams need to be able to quickly access data, gather insights and take the necessary actions to keep their organizations safe. To that end, we’re committed to simplifying our user interfaces and making it easier to manage security effectively across an enterprise. Cisco Email Security and Cisco Threat Grid are two prime examples.
Cisco Email Security
Cisco Email Security’s new user interface focuses not only on adopting a Cisco standard for navigation and layout, but also on improving the usability of the tracking, reporting and quarantine features. We have already started work on our resolution to deliver enhanced visual tools so security operations analysts can better understand and identify the movement of suspicious behavior as it relates to email.
Here are some of the enhanced features:
Quickly Identify Specific Groups of Threats and Track Concerns Over Time
Our enhanced interface now allows administrators not only to identify and group threats into categories such as malware, spoofing, phishing and spam, but also to see whether those threats are diminishing or growing over time.
Determining the volume of suspicious malware or spam caught is meaningful, but it does not tell the entire story. The ability to classify threats into categories and see how they change over time is what is truly important. This enables analysts to tune policies and discover potential threats that may evolve over time.
Finding and Understanding a Message’s Trajectory
The new user interface also simplifies searching for messages. The message tracking summary page shows the direction and final state of the message. You can obtain more details about the pipeline of all the engines that have evaluated the message and what actions were taken. You can also drill down into the message events to see a timeline of the order of the events and the verdict of each engine.
Learn more by watching the Demo Video here
Learn more at cisco.com/go/emailsecurity
Cisco Threat Grid
One of the underlying technologies in the Cisco portfolio that makes Cisco Email Security so effective is Cisco Threat Grid, the malware analysis and threat intelligence engine behind Cisco security products. In a recent TechValidate study, 76% of the surveyed customers who have deployed Cisco AMP and Threat Grid reduced their time to detection of threats by 12 hours or more.
Cisco Security has recently introduced a new Threat Grid user interface that you will find to be much easier to use, with a noticeable boost in speed. These improvements are designed to help customers accelerate the identification of threats and then address those threats faster. Ben Greenbaum from the Threat Grid product management team presents a more detailed summary of the enhancements in his blog, The new face of Threat Grid for 2018.
Below are some of the highlights.
Track Malware Analysis Performance and Trends Over Time
The new dashboard presents a number of high-level threat analysis statistics, such as Average Analysis Time, Average Threat Score, Number of Submissions, and Number of Convictions, that give users a general sense of their threat posture.
Accelerate Incident Investigations by Getting to the Information that Matters Faster
Threat Grid also now presents thumbnails of recently submitted file samples so users can quickly and easily check their statuses and results to accelerate their investigations. The new user interface allows users to choose between seeing only their submissions or all submissions from their organization. Furthermore, users can now see the security products from which the malware samples were submitted and get a breakdown of the file types. Users can also look at their submissions over time by choosing from several convenient preset time periods.
To learn more about how Cisco Threat Grid can help you, check out our product page.
Cisco Security is putting on a fresh face for 2018 and providing enhancements to help our customers realize the power of these products. Our wish is that you’ll take full advantage of them to keep your organization more secure this year.
Great to see how the ESA evolves. Time to upgrade again!
Great improvement! Looking forward to seeing more integration with Cisco security products/services as well as 3rd party ecosystem partners.