Presentation c97 737987
Endpoint
Secure your endpoints and turbocharge your security ops
January 2022
Do you have the expertise,
time, and evidence to secure
your endpoints?
© 2022 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Image source: https://commons.wikimedia.org/wiki/File:Soccer_goalkeeper.jpg (public domain)
Securing your endpoints is a challenge
How Cisco Helps:
Challenge: Expertise
“My team can’t be experts on every new threat or all be experts in threat hunting.”
10 person-hours saved per security incident
Challenge: Time
Challenge: Evidence
Introducing Secure Endpoint Pro
Combines human and machine power to reduce endpoint detection and response tasks and times
• We do the heavy lifting of securing your endpoints: Our dedicated elite team of Cisco security experts performs 24x7x365 endpoint monitoring, detection, and response so you don't have to
• We detect and respond to threats in minutes, not hours: Cisco specialists use automation and advanced playbooks powered by the Cisco SecureX platform to drastically reduce detection and response times so you don't have to
• We investigate every threat and prioritize the most critical ones: We conduct an in-depth investigation of every incident for you and enable you to approve or reject remediation actions based on evidence from our experts
How Cisco Secure Endpoint Pro works for you
Example Use Case
Receive Alert → Quarantine? → Correlate Other Hosts → Escalate to Investigator → Threat Enrichment → Analyze Assessment → Validate Evidence → Malicious? → Determine Impact/Urgency → Report & Mitigation → Approve/Reject Response
• Cisco SOC ingests all events from Secure Endpoint and reviews them against playbooks and use cases
• Each incident is prioritized and enriched by dedicated SOC and Intel Teams available 24/7
• Comprehensive portal for all service interactions enables visibility and dashboard status
• Easily approve or reject remediation actions and view links to incidents
The Cisco Secure Endpoint solution
Secure your endpoints while turbocharging your security operations
Stop Threats Before Compromise
• Quickly detect advanced attacks such as ransomware with multifaceted prevention, attack surface reduction, and posture assessments.
• Get the security expertise you need with endpoint detection and response managed by a team of dedicated Cisco experts
Remediate Faster and More Completely
• Decrease incident response time by up to 97% with advanced Endpoint Detection and Response (EDR) and built-in Extended Detection and Response (XDR) capabilities.
• Drastically reduce detection and response times with Cisco specialists that quickly investigate and remediate threats
Maximize Your Security Operations
• Improve your security operations effectiveness by up to 86% and simplify your security by eliminating complexity and enhancing SecOps productivity
• Focus on the most important threats and gain always-on security operations with accelerated EDR
Stop threats before
compromise
Dynamic multifaceted prevention
• Behavioral analytics, machine learning, signatures and more
Remediate faster and
more completely
Extensive EDR and XDR capabilities
• Advanced and cross-control detection and response
• Endpoint isolation and other attack surface reduction capabilities
Accelerated threat response
• Automated playbooks, hundreds of preloaded queries
• Human-driven hunts for threats with in-depth mapping to MITRE
ATT&CK framework
Maximize your security
operations
Investigate faster
• Pivot faster and never lose context with the SecureX ribbon that provides
relevant information that you take with you
Simplify incident management
• Pre-built or build your own investigation workflows
• Built-in approval actions, malware analysis, live queries, threat response
and third-party integrations
Integrated XDR with Cisco SecureX
We’ve done the hard work to simplify your experience, accelerate your success and secure your future
Cisco Secure: Network, Endpoint, Cloud, Applications
Cisco Endpoint Security with SecureX Built-In
Endpoint security enhances the platform experience
• Share details on affected endpoints, blocking of malicious files, and isolate endpoints
The platform experience improves endpoint security
• Enhance endpoint detection and response supported with telemetry from other security controls
Save time with threat response in Cisco SecureX
32 minutes 5 minutes
SecureX Threat Hunting and live queries built-in
• SecureX Threat Hunting leverages Cisco’s
entire security intelligence – to help
identify threats found within the
environment
The value of SecureX platform with
Endpoint Security
“The combined power of Secure Endpoint, Secure Firewall, and Umbrella allows me to view what threats have been seen in my environment and exactly how serious they are. I can analyze if it has been seen elsewhere and where.”
“It reduces our time to resolution of risk within our environment”
“We use Cisco SecureX threat response to investigate malware threats found in Secure Endpoint and any suspicious network activity determined through Secure Network Analytics”
Integral part of the Cisco Secure Hybrid Work solution
Secure Endpoint makes it easy to manage your agents
Unify your security stack by consolidating multiple agents into a single agent
• ONE platform
‑ Cloud-native, cloud-managed in our built-in SecureX platform
‑ Unmatched customer value as it comes included with:
• Device Insights for deep visibility of all your endpoints, apps and more
• Indicator of device compromise for easy and fast disposition lookup
• Fast response actions and remediation
Focus on the most important incidents and vulnerabilities
Secure Endpoint integrates with risk-based vulnerability management from Kenna Security
93
Enterprise Data
70 30
Data Science
• Focus on the incidents and vulnerabilities that matter first
• Boost ROI by optimizing resources
• Increase visibility and improve security posture
Why Cisco?
Stops threats with simple, unified defense
Why customers love
Cisco Secure Endpoint?
Reduces workload, time and resources
“Cisco Secure Endpoint will stop infection/exploit from spreading to other devices.”
IT Professional, Medium Enterprise Consumer Company
“We significantly reduced our time for detection & remediation, enabling a focus on other Security areas.”
Amit Mathur, IT Specialist, Convergent Corporation
“Productivity increased. Automated email alerts improved security ops.”
Chief Security Officer, Small Business Healthcare Company
“It doesn’t impact the devices. It’s just a rock-solid solution.”
Dan Turner, CIO at Per Mar Security Service
“Cisco Secure Endpoint has made breach defense reach all-time highs. It helps me sleep better at night!”
Ryan Paul, IT Specialist, Thunder Bay Regional HSC
“With every incident, at least six to 10 man-hours are saved.”
Wouter Hindriks, Technical Team Lead at Missing Piece BV
“Integrating Secure Endpoint with SecureX gives a lot of visibility to your endpoints.”
IT Manager, $500M+ Manufacturing
“Cisco Secure Endpoint is 21st
“Secure Endpoint Gives The Visibility, Detection and Remediation Organizations Need.”
Security Admin, $50M+ Healthcare
“Cisco Secure Endpoint has taken our time to remediate from hours to minutes.”
Neal Gravatt Sr Network Engineer at a Real Estate/Law
“Secure Endpoint has increased the confidence in our detection ability. It co-exists perfectly with our other solutions.”
Ludovic Varet, Chief Security Officer, Gecina
“It’s given us visibility that we otherwise didn’t have by 80%.”
Mark Bonnamy, Technical Director at Ridgewall Ltd
Cisco Secure portfolio: simpler to buy and use
Security Choice Enterprise Agreement
• Great discounts on 2+ security products with support included
• Buy what you need now and add more in the future
• Single coterminous agreement managed in one portal
• Built-in 20% growth allowance with true forward terms
• Pay annually with 0% financing
[Diagram labels: Talos threat intel, Network Security, Cloud Edge, User & Endpoint Protection, Application Security, Zero Trust]
• Cloud-native, built-in platform experience including XDR capabilities and beyond
• Integrated and open for simplicity with true turnkey interoperability
• Unified in one location for visibility that accelerates your time to detect and investigate
• Maximized operational efficiency that accelerates your time to remediate
Next steps
• Try it for free today! Register for the Cisco Secure Endpoint 30-day trial
• Download the latest AV comparatives results to learn more about how effective Cisco Secure Endpoint is in malware protection
• View our latest XDR-based Webinar Series featuring Secure Endpoint and SecureX
• Sign-up for the Threat Hunting Workshop near you
Appendix
Cisco Secure Endpoint
Pro
Let Cisco help with
your endpoint defense
Secure Endpoint Pro with SecureX built-in
Unlike other solutions, you:
• don’t give up control of the policies/configuration for your endpoints
• get fewer false positives
• don’t have to buy multiple modules
• have a simple portal for all service interactions
• have the entire platform working for you with context from all control points
Cisco does all the heavy lifting for you
Detection, investigation and response combines human and machine power
Secure Endpoint Pro turbocharges your security and delivers a unified platform
Our best resource is our people with 2,200+ experts
Global scale and footprint provide deep visibility and analysis into the most advanced threats
NOCs
SOCs
CaaS
Data Centers
Cisco Secure Endpoint Pro portal is your one-stop shop
Dashboard, ticketing, reporting, and case management for security operations and executives
Customer Portal
Central hub for all service
interactions. It includes a dashboard,
ticketing, reporting and case
management that provides both
operations and executive visibility to
all activities.
Service Dashboard
An interactive snapshot of activities and
metrics in one place where you can see
the effectiveness of Secure Endpoint Pro
in securing your organization.
How Cisco Secure Endpoint Pro works for you
Approval Response Action Interface
How to Purchase Cisco Secure Endpoint Pro
• For Cisco Secure Endpoint customers with an
Advantage or Premier License
Cisco Secure Client
45 … is the average number of security tools deployed per organization
Fragmented everything is a broken security paradigm
Why MORE is not better?
• Organizations with 50+ tools end up 8% lower in detecting threats
• Agent-fatigue gets amplified
• SecOps, NetOps and ITOps efficiency takes a hit
Users: ITOps, NetOps and SecOps
Use Cases
• Reduce agents on my endpoints
• I want to know the status of my endpoints at any given time
• I need visibility to my environment, fast (via the Cloud is preferred)
• Show gaps and compliance issues in my security controls
Consolidate and simplify security.
Starting with the Endpoint is key.
Fragmented
• Endpoint security is a key control point for overall security and
for modern architectures like: XDR, SASE and Zero Trust
• Unify to accelerate
‑ From platform to the agent
‑ Speeds the move to XDR, SASE, Zero Trust
• ONE platform
‑ Cloud-native, cloud-managed in our built-in SecureX platform
‑ Unmatched customer value as it comes included with:
• Device Insights for deep visibility of all your endpoints, apps and more
• Indicator of device compromise for easy and fast disposition lookup
• Fast response actions and remediation
Driving Endpoint Operational Efficiency
Better Endpoint Security with operational efficiency rooted in integration and agent consolidation
[Diagram: Agent Consolidation, the Secure Client Opportunity. Endpoint agents shown: Next Gen Antivirus*, EDR, DNS / Web Protection, Vulnerability Management, Identity, VPN, DLP, Encryption, UEM, OS]
*Many customers still run legacy AV on systems (mostly from different vendor)
Protect
Save time and block more with security
that works together
See once, block everywhere
• If malware gets in
• Immediate Detection
• Removed automatically from endpoints
• Blocked across network, endpoints, email and cloud
“ Made major investment in Cisco… looked at [“3Cs”] can orchestrate better if I stick to Cisco –
need to find products that complement what we have and not retrain staff
– Security Director
Higher security efficacy with the fewest false alarms
Validated by 3rd party tests: AV Comparatives, Miercom, and NSS Labs
• Malware Protection Test: protection rate 100%, false alarms 0
• Real World Protection Test: protection rate 99.3%, false alarms 1
Detect & Respond
Know everything about the endpoint and
respond with
Advanced Endpoint Detection and Response (EDR)
Detection
• Continuous activity monitoring
• Advanced endpoint search
Response
• Custom block/allow lists for files and network traffic
Improve security & IT Ops alignment and simplify threat
hunting with
Orbital Advanced Search
Key capabilities:
Advanced search; pre-defined, customizable
queries; forensics snapshot
Benefits:
Faster investigation and quicker response, seamless
investigation and remediation
Orbital Advanced search
Use cases
Uncover hidden threats faster across your
attack surface
Using MITRE ATT&CK and other industry best practices
Threat Hunting
Continuous hunting by elite
threat hunters
Human-driven hunts based on playbooks
producing high fidelity alerts
SecureX Threat Hunting Example alerts
Threat Hunting Alert
• “Device executed Powershell to schedule a task that creates a text file of FTP commands, executes FTP and a downloaded malware.”
• “Device is communicating with malicious JavaScript that is posted on pastebin[.]com. The JavaScript is executed by Microsoft HTML Applications utility, mshta.exe. The JavaScript “unescapes” an encoded string to reveal embedded VBScript that is called by wscript.exe and launches powershell. Persistence is maintained via scheduled tasks.”
MITRE ATT&CK
• Tactics: Execution (TA0002), Persistence (TA0003), Defense Evasion (TA0005), Command & Control (TA0011).
• Techniques: Commonly Used Port (T1043), Scheduled Task (T1053), WebService (T1102), Mshta (T1170).
Remediation: Isolate the host from the network, perform forensic investigation, and reimage the system to prevent potential unknown persistence methods.
SecureX Threat Hunting
What customers are saying…
“Thank you for the notification; we are appreciative of the quick follow up, effectiveness, and communication from our Cisco partners.”
“Thank you for this info, it was super helpful. This endpoint has been taken offline and replaced.”
Access
Protect applications from infected devices with the industry’s first
“Zero Trust on the Endpoint” approach
Block malicious devices from accessing applications.
1. Users use their devices to access application.
2. Cisco Secure Endpoint running on the device detected malware.
3. It notifies the MFA about the infected device.
4. MFA blocks that device from accessing apps.
Secure endpoint access from anywhere on any
device
Virtual Private Network
Greater visibility
Comprehensive protection
Eliminate blind spots with
continuous monitoring and retrospective alerting
• What happened?
• Where did the malware
come from?
• Where has the malware been?
• What is it doing?
• How do we stop it?
https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html
Why Cisco?
Market Presence
• 2.2 trillion artifacts analyzed daily, more than any vendor
• 6000+ endpoint security customers
• 15M+ protected endpoints
• 70k AMP Ecosystem customers
• 100M DNS security customers
Vertical & Industry
Cisco Secure Endpoint for Education
A shifting landscape for education
Introducing Secure Endpoint for Education
A Modern Endpoint Security Solution!
• Quickly detect advanced attacks such as ransomware with multifaceted prevention, attack surface reduction, and posture assessments.
• Decrease incident response time by up to 97% with advanced Endpoint Detection and Response (EDR) and built-
[Diagram labels: Cisco Secure Endpoint, XDR, VPN, EPP/EDR, Posture]
Where does Endpoint for EDU fit?
Secure Endpoint
Essentials Orbital advanced Search | Malware Analytics Cloud | Cisco Secure Endpoint Pro (Available)
200+ Pre-Defined Vulnerability, IT Operations, and Threat-Hunting Queries | Advanced Sandboxing Techniques
Cisco SecureX Platform | Platform Next Generation Endpoint Protection | Continuous Monitoring|
Dynamic File Analysis | Vulnerability Identification | Endpoint Isolation
† Student device licenses will be available at 1/5 the price of staff licenses
** Secure Malware Analytics (formerly known as Threat Grid) for 1 staff users licenses with the purchase of 500 or less endpoint licenses
†† Secure Malware Analytics (formerly known as Threat Grid) for 3 staff users licenses with the purchase of 500 or more endpoint licenses
Secure Endpoint for EDU introductory offer
‣ Dive deeper. Schedule a meeting.
‣ See a demo