Splunk and Cisco: Driving Smarter Security

Co-Hosted With Cisco | 60 Min Video

As part of Cybersecurity Month, Sunset Learning Institute and Cisco are teaming up to bring you a joint session on how Splunk and Cisco combine to deliver stronger security outcomes. Together, we break down SIEM, SOAR, and XDR, showing how they work together for a stronger defense strategy, enhanced by Cisco ISE’s critical identity and access context.

You’ll discover how the Splunk + Cisco integration improves visibility and response speed while driving efficiency and reducing costs. Together, they empower security teams to do more with less, streamlining workflows, lowering risk, and strengthening protection across the enterprise.

 

Integrated Security Solutions

  • Splunk and Cisco’s integration provides unmatched security outcomes by combining Splunk’s 4 petabytes of daily data ingestion with Cisco’s handling of 800 billion security events, monitoring of 1 billion endpoints, and analysis of 625 billion web requests daily.
  • The Splunk-Cisco partnership enables seamless threat detection and investigation through Cisco XDR, understanding suspicious user activities from Duo, and launching phishing investigations via email threat defense, offering deep network visibility and real-time threat intelligence.
  • Splunk’s Enterprise Security product offers 1900+ pre-built detections and risk-based alerting, prioritizing and combining alerts to reduce noise and allow analysts to focus on high-risk threats.

Automation and Efficiency

  • Splunk SOAR automates remedial tasks in SOCs by creating playbooks and taking automated actions, significantly improving efficiency and saving time for analysts.
  • Splunk’s AI assistant for security helps newer and mid-tier analysts build detections and investigations by generating queries, summarizing findings, and suggesting next steps and remediation guidance.
  • The Cisco Security Cloud app simplifies setup, normalizes data, and enables effective correlation and actionable intelligence across various Cisco security capabilities, including AI defense, secure endpoint, and XDR.

Advanced Threat Detection

  • Splunk Attack Analyzer provides automated malware analysis by evaluating malware samples, QR codes, images, and URLs to determine their maliciousness, helping detect unknown threats and anomalies in real-time.
  • Splunk User Behavior Analytics detects anomalies in user behavior, such as logins from different locations, by analyzing user behavior patterns and entity relationships, improving mean time to detect and respond to security threats.

Comprehensive Learning Path

  • A 20-course learning path on Splunk and Cisco security products integration offers 19 hands-on labs, 50 videos, and 32 CE credits, designed for intermediate-level learners covering observability, XDR, SIEM, SOAR, and integrations.
  • The learning path is divided into six tracks with pre- and post-assessments for continuing education credits, taking learners from “crawl to walk” in understanding these integrations.

Enhanced Threat Intelligence

  • The Splunk add-on for Talos Intelligence automatically enriches alerts in Splunk Enterprise Security with real-time threat intelligence from Cisco Talos, providing valuable context for analysts to quickly assess risk and respond to threats.
  • Splunk’s Asset and Risk Intelligence product helps build out asset and identity frameworks within enterprise security, providing critical context for attribution and speeding investigations, enabling customers to reach determinations and take action more quickly.