Tuesday, November 5, 2019

Talos, Cisco Incident Response team up to offer more protection than ever












By Sean Mason

Over the years, I've had the honor and privilege to work within some of the greatest security teams on the planet, working alongside such passionate and talented people at Cisco makes delivering this announcement perhaps the greatest honor yet.

The best security organizations on the planet excel at preventing, defending, and responding, which boils down to one key aspect – an intelligence-driven approach to security.

Several years ago, Cisco Talos intelligence started to support Cisco’s Incident Response Services group, with IR feeding highly contextualized data back into the Talos Detection and Response efforts. This was key to building a market-leading, albeit standalone, incident response service offering at Cisco.

Today, we are excited to announce the next step in the evolving relationship between intelligence, research, and IR – Cisco Talos Incident Response.


As things stand now, every incident response Cisco engages in, anywhere in the world, has dedicated Talos Intelligence analysts attached to it. This ensures we capture what is happening in the real world, build protections based on what we learn, and share back our intelligence to the incident responders so they can help frame our customer’s incident in a global context.  Truly this is a win/win for everyone.

Talos has spent a lot of time over the past few years building trust with our customers by supplying highly technical security information, driving timely protections based on that research and being transparent and forthright in our communications. IR has worked with Talos for a long time, and both parties feel this new partnership expands the capability of IR to deliver on those values.

This new partnership also boosts the strength of Talos’ intelligence. Effective security should be intelligence-driven and, more importantly, Incident Response should be driven by intelligence. With Talos’ unprecedented levels of visibility into the threat space and quick response time, incident response will be stronger than ever.

Now that Incident Response resides within Talos, they have access to the global intelligence that Talos has curated. This will allow them to help customers understand events affecting them from a global context. Customers under attack will better understand how others have responded to similar attacks, what has worked and, just as importantly, what hasn’t worked.

Additionally, all Cisco customers will now more quickly benefit from the findings from Talos Incident Response. Rather than having to interface as a separate team to Talos, the incident response capability will now have access to the same tools and communications platforms the rest of Talos has, allowing for new findings to start protecting all Cisco customers within just a few short minutes of discovery. If a customer requires a specialist to support them, incident response is now inside the very heart of Talos, enabling them to find the right talent.

Talos’ mission statement is “Protect our customers.” As of today, Talos is better positioned to do that than ever before. Talos Incident Response provides several types of proactive services, in addition to emergency IR services, including: consulting engagements directly with Talos analysts and researchers, table-top and cyber range exercises, readiness assessments, and much more. If you’d like more information about Cisco Talos Incident Response, please check out the new IR web page here or contact your Cisco sales team. We also have a special edition of the Beers with Talos podcast out discussing this change.

No comments:

Post a Comment