Security – Cisco Blog

A Newbie’s Perspective: From Curiosity to Confidence, My SOC Story

A new analyst shares their Cisco Live SOC experience, covering quick onboarding, using Cisco XDR and Endace for incident investigation, and building confidence in threat response.

Security – Cisco Blog

Have You Seen My Domain Controller?

Windows clients expose Active Directory DNS queries on public Wi-Fi, risking OSINT and credential leaks. Learn from Cisco Live SOC observations how to protect clients with VPNs .

Security – Cisco Blog

Splunk in Action: From SPL to PCAP

Learn how Cisco Live SOC uses Splunk SPL and Endace PCAP to investigate exposed HTTP authentication and Kerberos activity, securing sensitive data on public Wi-Fi networks.

Security – Cisco Blog

Cisco Live Melbourne 2025 SOC

Cisco Security and Splunk protected Cisco Live Melbourne 2025 in the Security Operations Centre. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

Cisco Live Melbourne Case Study: Cisco Live TMC Experience and DDoS

Explore a Cisco TME's experience in the Cisco Live SOC, detailing efficient onboarding, incident escalation, and a real-world DDoS attack investigation and response.

Security – Cisco Blog

GovWare 2025 Security Operations Centre

Cisco Security and Splunk secured the GovWare 2025 network in the Security Operations Centre. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

From Detection to Deep Dive: Splunk Attack Analyzer and Endace for GovWare 2025 Security

At GovWare 2025, the team leveraged Splunk Attack Analyzer's API to connect to Endace.

Security – Cisco Blog

Unmasking Attacks With Cisco XDR at the GovWare SOC

During GovWare, Cisco XDR detected 39 incidents. The SOC team conducted analysis and response actions, and reported critical incidents to the GovWare NOC.

Security – Cisco Blog

Splunk SOAR in Action at the GovWare: Zero-Touch Clear Text Password Response

At GovWare 2025, the SOC team combined ES with Splunk SOAR to fully automate and track the incident response process.

Security – Cisco Blog

GovWare Captive Portal: (Splash Page)

Cisco provided a splash page for GovWare 2025, a click-through captive portal. Learn how the team did it.

Security – Cisco Blog

Cisco Recognized as a Major Player in the 2025 IDC XDR MarketScape

Cisco has been recognized as a Major Player in the IDC MarketScape: Worldwide Extended Detection and Response (XDR) Software 2025 Vendor Assessment.

Security – Cisco Blog

Packing More Power Into Cisco XDR’s Integration Toolkit

Cisco XDR and the Swiss Army knife share a theme of a versatile, integrated, and unified platform, giving users myriad solutions to take on diverse challenges.

Security – Cisco Blog

Conference Hopping: Training Attendee Scanning Def Con

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future at Black Hat USA 2025.

Security – Cisco Blog

Driving Cisco XDR Integration With Third-Party Partners at Black Hat

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future at Black Hat USA 2025.

Security – Cisco Blog

Cisco Secure Firewall: SnortML at Black Hat USA 2025

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future at Black Hat USA 2025.

Security – Cisco Blog

Black Hat Investigation: Attempted Exploitation of Registration Server

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future at Black Hat USA 2025.

Security – Cisco Blog

The Value of PCAP in Firewall Investigations

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future at Black Hat USA 2025.

Security – Cisco Blog

Findings Report From the SOC at RSAC™ 2025 Conference

Cisco Security and Splunk protected RSAC™ 2025 Conference in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

Customize Your Defense: Unlock Cisco XDR With Key Integrations

The new Cisco XDR Connect tool helps users to search, browse, and view the details of all available XDR integrations and automation content.

Security – Cisco Blog

Cisco Catalyst 8300 Excels in NetSecOPEN NGFW SD-WAN Security Tests

Cisco Catalyst 8300 earns NetSecOPEN certification for exceptional real-world NGFW and SD-WAN performance under modern enterprise conditions.

Security – Cisco Blog

Cisco Live San Diego Case Study: Malware Upatre! (Encrypted Visibility Engine Event)

Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

Splunk in Action at the Cisco Live San Diego SOC

Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

Using AI to Battle Phishing Campaigns

Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

Building an XDR Integration With Splunk Attack Analyzer

Cisco XDR is an infinitely extensible platform for security integrations. Like the maturing SOCs of our customers, the event SOC team at Cisco Live San Diego 2025 built custom integrations to meet our needs. You can build your own integrations using the community resources announced at Cisco Live. It was an honor to work with […]

Security – Cisco Blog

Cisco Live San Diego Case Study: Hunting Cleartext Passwords in HTTP POST Requests

Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future. 

Security – Cisco Blog

Secure Endpoint Enhancements Elevate Cisco XDR and Breach Protection Suite

Discover how Secure Endpoint enhancements elevate Cisco XDR and the Breach Protection Suite with better visibility and advanced threat defense.

Security – Cisco Blog

XDR still means so much more than some may realize

Cisco has been named a Leader and Fast Mover in GigaOm's Radar for Extended Detection and Response (XDR). Learn what sets Cisco XDR apart in our blog.

Security – Cisco Blog

Simplifying Zero Trust: How Cisco Security Suites Drive Value

Discover how Cisco Security Suites are helping organizations achieve zero trust while realizing significant cost savings, improved productivity, and a 110% ROI.

Security – Cisco Blog

Developing With Cisco XDR at Cisco Live San Diego ‘25

Join us at Cisco Live San Diego to explore Cisco XDR’s latest innovations, including custom integrations, AI automation, and community features. Don’t miss out!

Security – Cisco Blog

Black Hat Asia 2025 NOC: Innovation in SOC

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

Instant Attack Verification: Verification to Trust Automated Response

Discover how Cisco XDR’s Instant Attack Verification brings real-time threat validation for faster, smarter SOC response.

Security – Cisco Blog

Cisco XDR Just Changed the Game, Again

Clear verdict. Decisive action. AI speed. Cisco XDR turns noise into clarity and alerts into action—enabling confident, timely response at scale.

Security – Cisco Blog

Black Hat Asia 2025: Innovation in the SOC

Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future.

Security – Cisco Blog

The Need for a Strong CVE Program

The CVE program is the foundation for standardized vulnerability disclosure and management. With its future uncertain, global organizations face challenges.

Security – Cisco Blog

From Deployment to Visibility: Cisco Secure Client’s Cloud Transformation

Cisco Secure Client can now be deployed and managed via Client Management in Cisco XDR.

Security – Cisco Blog

Sign Up for a Tour at the SOC at RSAC™ 2025 Conference

Cisco and Endace provide Security Operations Center services at RSAC™ 2025 Conference. Sign up for a tour and see what happens in the SOC.

Security – Cisco Blog

Mobile World Congress 2025: SOC in the Network Operations Center

Cisco is the sole supplier of network services to Mobile World Congress, expanding into security and observability, with Splunk.

Security – Cisco Blog

The Benefits of a Broad and Open Integration Ecosystem

Since inception, Cisco XDR has followed the Open XDR philosophy. We integrate telemetry and data from dozens of Cisco and third-party security solutions.

Security – Cisco Blog

Cisco Live Melbourne SOC Report

Learn how the SOC team supported Cisco Live Melbourne and some of the more interesting findings from four days of threat hunting on the network.

Security – Cisco Blog

Black Hat Europe 2024 NOC/SOC: Security Cloud

Cisco is the Official Security Cloud Provider for the Black Hat Network Operations Center (NOC). We work with the other official partners to bring the hardware, software and engineers to build and secure the network, for our joint customer: Black Hat.  Arista: Wired and Wireless Network Equipment  Corelight: Open Network Detection and Response  Palo Alto […]

Security – Cisco Blog

Cisco AI Defense: Comprehensive Security for Enterprise AI Adoption

Cisco AI Defense is a single, end-to-end solution that helps your organization understand and mitigate risk on both the user and application levels.

Security – Cisco Blog

From Chaos to Clarity: Navigating Threats With Cisco XDR

Cisco XDR transforms cybersecurity with enhanced threat detection and automated responses. Download the Solution Brief for detailed insights and use cases.

Security – Cisco Blog

SOC Findings Report From RSA Conference 2024

Discover key insights from the SOC Findings Report at RSA Conference 2024, co-released by Cisco and NetWitness for Cybersecurity Awareness Month.

Security – Cisco Blog

The Countdown Has Begun: Getting Started on Your Post-Quantum Journey

Using existing encryption and key management technologies, enterprises can realize quantum-safe encryption today without waiting for implementations.

Security – Cisco Blog

Black Hat 2024: SOC in the NOC

The Black Hat Network Operations Center (NOC) provides a high-security, high-availability network in one of the most demanding environments in the world: the Black Hat event. The NOC partners are selected by Black Hat, with Arista, Cisco, Corelight, Lumen, NetWitness and Palo Alto Networks delivering from Las Vegas this year. Cisco is the official Domain […]

Security – Cisco Blog

Enabling Cybersecurity Incident Response

Universities need advanced security architectures for effective incident response. Discover how XDR solutions enhance visibility and resilience in complex tech landscapes.

Security – Cisco Blog

Cisco XDR: Open Ecosystem Accelerated at Black Hat Events

Cisco XDR turns one year old. Here is the backstory of how we developed relationships and alliances with “competitors” to have the open ecosystem of today.

Security – Cisco Blog

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting

Traditional workload security tools often fail to provide metrics tailored to the distinct needs of SecOps, Network Administrators, or CxOs.

Security – Cisco Blog

Operationalizing our custom “SOC in a Box” at the RSA Conference 2024

Cisco engineers often face the challenge of setting up a Security Operations Center in two days at global events. Aditya Sankar explains the process with our “SOC in a Box” in this blog.

Security – Cisco Blog

Forrester Names Cisco a Leader in OT Security

Securing industrial networks is top of mind. Cisco’s comprehensive OT security solution and unified IT/OT security platform is a Leader according to Forrester. Learn what makes Cisco stand apart in this market.

Security – Cisco Blog

Securing Meraki Networks with Cisco XDR

Discover how the Cisco XDR and Meraki MX integration provides advanced threat detection and network insights. Join us at Cisco Live 2024 for a demo.

Security – Cisco Blog

Cisco Security at Cisco Live 2024: Innovating at Scale

No matter how reliable and performant your network is, it doesn’t matter if it’s not secure. To help make the world a safer place, we need to reimagine security.

Security – Cisco Blog

XDR means so much more than some may realize

Discover how Cisco XDR redefines security with integrated tools, AI-driven threat detection, and rapid response to solve real-world problems for the SOC

Security – Cisco Blog

Strengthen Your Security Operations: MITRE ATT&CK Mapping in Cisco XDR

Discover how Cisco XDR's MITRE ATT&CK mapping strengthens your security operations. Learn to identify security gaps and improve your cybersecurity posture.

Security – Cisco Blog

Accessing Secure Client Cloud Management after the SecureX EoL

Secure Client Management capabilities aren’t going away with the SecureX EOL, the functionality is simply migrating to the Cisco Security Cloud Control service.

Security – Cisco Blog

Black Hat Asia 2024 NOC: Cisco Security Cloud

Protecting Black Hat Asia NOC with Cisco Security Cloud

Security – Cisco Blog

Empowering Cybersecurity with AI: The Future of Cisco XDR

Learn how the Cisco AI Assistant in XDR adds powerful functionality to Cisco XDR that increases defenders efficiency and accuracy.

Security – Cisco Blog

Cisco & Splunk: A Complete SOC Platform Purpose-Built for the AI-Driven Future

We're excited about the integration of Cisco XDR and Splunk Enterprise Security, creating a SecOps platform that can grow with customers as needs change.

Security – Cisco Blog

Supercharging Cisco XDR with AI and Identity Intelligence at RSAC 2024

Cisco XDR is a leader in providing comprehensive threat detection and response across the entire attack surface. We’ll be showcasing new capabilities that will give security teams even more insight, a… Read more on Cisco Blogs

Security – Cisco Blog

Introducing Cisco XDR Playbooks: Finding the balance in automating and guiding incident response

Security Operations is the beating heart of any organization, a united team vigilantly standing guard against cyber threats. To outsmart their adversaries, they must delve deep into the intricate… Read more on Cisco Blogs