Solution Briefs

Use Case: Stay Ahead of Attacks

Issue link:

Contents of this Issue


Page 0 of 1

U S E C A S E Attackers cannot hide on the internet — they leave behind cyber fingerprints across internet infrastructure. Prior to launching a campaign, attackers need to pay for, build, or borrow the infrastructure needed. For example, they set up servers, obtain or reuse IP addresses, and register domains to use. This often happens before they even perform reconnaissance on their targets or create the malicious payload. And all of this activity leaves fingerprints about the attack. Cisco Umbrella Investigate provides the most complete view of the relationships and evolution of internet domain names, IP addresses, networks , and malware — helping to uncover the infrastructure being staged and hunt emergent threats. Internet-wide visibility Investigate connects the dots between attackers' infrastructure, which helps attribute domains to specific attacks and malicious activity. Predictive intelligence Our statistical models accurately identify malicious domains, IPs, ASNs, and file hashes across the internet, and even predict where future attacks may be staged. Pivot through attackers' infrastructure With Investigate, you can pivot on different data points to see how domains are related to IPs, ASNs, and malware to map out the infrastructure used in an attack and uncover future malicious origins. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Umbrella Investigate Use Case: Stay ahead of attacks

Articles in this issue

view archives of Solution Briefs - Use Case: Stay Ahead of Attacks