Securex BDM Presentation: - Long Version
Core slides
The scripted slides in the deck take <19 mins to present. All times on the slides are in seconds. Each scripted slide has defined goals and full narrative.
1 Problem/need: 50s 74s 71s 56s 66s
2 Our platform: 70s 70s 51s 73s 53s 74s 72s
3 Demo, 4 Integrations, 5 Closing: 64s 58s 54s 46s 31s 72s 23s
https://dcloud2-rtp.cisco.com/content/instantdemo/cisco-securex-v1-instant-demo-2
Buyer Audience:
CISOs/CIOs and managers/decision makers with small SecOps teams that desire better collaboration with ITOps and NetOps.
Seller Audience:
For use by specialist cybersecurity sellers, SEs or architects that want a comprehensive overview.
A Customer quotes
B SecureX dashboard and ribbon for visibility deep dive
D SecureX orchestration (with pre-built workflows) deep dive
Only 1-2 slides outlined in yellow should be presented; they may be more suitable if the audience includes technical team members.
ISE BDM
Secure DC BDM
SELLER REFERENCE ONLY Note: Right click on text to open SalesConnect hyperlink
Need more guidance? - Check out our seller guides
Conversation starter Enterprise agreement enabler FAQ Platform positioning and selling motions
You can find the SecureX BDM long version here: https://salesconnect.cisco.com/open.html?c=690fcf40-176b-4fb6-a4a0-21b4e4f60597
4 Maximize efficiency with SecureX orchestration
5 Next step and resources
A Products with built in SecureX
B SecureX Threat Response Dictionary
C Integrations with SecureX Portfolio
D SecureX 3rd Party Integrations
E Open source/community
Insert these slides as needed
SecureX
Business Decision Maker
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential 5
And the security industry has made it more complex than
ever
Source: CISO Benchmark Study 2020
A platform approach confidently tackles
the most pressing security operation challenges
Building a platform takes time and
engineering talent
• Started with foundational security solutions
• Began acquiring new technologies and innovating at a rapid pace
• Unified networking and security
• The most comprehensive integrated cybersecurity platform on the planet gets even better
Network Cloud Web Network Unified Threat Enterprise Firewall CASB Access Management
Segmentation Security Access Management Security Services Network Security Threat
Email Security Gateway Control VPN Policy Response
Web Security
Gateway
Malware Analysis Cloud Security SD-WAN Cloud Email
Endpoint Detection Traffic Analytics SD-Access Security
and Response Workload Protection Application Performance Supplements
NGIPS Management
DC Networking Cloud Analytics
And requires a broad security portfolio
Backed by unrivaled threat intelligence
Firewall and IPS Endpoint Protection, Cloud Access Security Workload Protection
Network Access Detection and Response DNS-Layer Security
Control Multi-Factor Authentication Secure Web Gateway
Traffic Analytics Email Security
threat Cloud-Delivered Firewall
intelligence Secure Web Gateway
Cloud Analytics
Malware Analytics
Introducing SecureX
A cloud-native, built-in platform experience within our portfolio
Cisco Secure Your Infrastructure
Unified Visibility
Your teams
SecOps ITOps NetOps
Our portfolio includes XDR capabilities and beyond
SOAR XDR
These values in SOAR/XDR platforms and beyond are a fundamental right in SecureX:
• API-based integration
• X-product integration
• Simplified experience
• Simplified policy
• Unified visibility
• Process + automation
• Simplified analytics
• Response efficiency
• Operational efficiency
• And more
• Included with every Cisco Secure product
• In 15 minutes, you achieve real benefits using what you already have as it’s cloud-native
• In half the time, customers say they visualize threats within their environment [1]
• Save 100 hours by unifying visibility and automating your workflows [2]
• 85% reduction in time to respond to and remediate an attack [2]
How true simplicity is experienced
Before: 32 minutes After: 5 minutes
What unified visibility looks like
Before: “We swivel our chair to see many views”
After: “We instantly see what matters to us in one view”
• “We can view ROI metrics and operational measures across many products in one or more customizable dashboards”
• “We can try other platform integrations with a click before we buy”
[Dashboard screenshot labels: Dashboard, Integrations, Orchestration, Administration, Integrations available, C2 blocked]
Maximizing operational efficiency
Before: Repetitive, human-powered tasks
• Outdated playbook
• Script that works “sometimes”
• Integration script that no longer works
Solution: Orchestrating security across the full lifecycle
• Pre-built or customizable workflows
• Playbook Automation
[Workflow diagram labels: ALERT, Cisco or non-Cisco infrastructure, task, condition, while loop, task: REMEDIATE]
After:
• I combined 9 tasks across 3 security tools, 2 infrastructure systems, and 3 teams in one keystroke!
• I make automated playbook changes in minutes with a drag-drop interface
• We have never communicated faster: Our approvals are automated
• My top 5 most frustrating tasks have all been automated
The platform experience is built on breadth
to improve product efficacy
• 76% of organizations with Secure Email use SecureX threat response to investigate the source of the threat through comprehensive relationship graphs [1]
• 83% of organizations looking to identify and remediate threats faster use SecureX threat response in their SOC
[1] Source: TechValidate
Endpoint security with SecureX built-in
The platform experience improves endpoint security
Enhance endpoint detection and response supported with telemetry from other security controls
Email Security with SecureX built-in
Email security enhances the platform experience
Use email as a threat vector for better insight into context of a threat
Network security with SecureX built-in
Network security enhances the platform experience
Analytics: additional incident enrichment to speed up execution of remediation actions
The platform experience improves network security
Firewall: achieve a more complete way to combat phishing attacks
Demo
Meaningful integrations with your investments
not just a simple syslog data dump
• Third-party security: Operational tools, intelligence sources, infrastructure protections and visibility
• Cisco infrastructure: Networking, collaboration, server/app, and multicloud management platforms
• Third-party infrastructure: IT service management, and cloud/virtual and devOp platforms
• General infrastructure: Scripting/dev tools, system interfaces, data exchanges, and messaging protocols
ACI
SecureX in the classroom
Services to unlock your full potential
Reach your outcomes and resolve roadblocks towards a mature security posture
faster with these Cisco CX Services:
Maximize your security investment with
buying programs
Proven platform with 10,000+ customers unlocking new value today with SecureX threat response
• 98% found the unified view enables rapid threat response
• 95% say that our security platform helps them take action and remediate
• 91% find that our security platform helps their teams collaborate more
“I am able to visualize threats within my environment and take action in half the time it used to take me.”
—Security Engineer, Large Enterprise Banking Company
Simplify your security with
the broadest, most
integrated platform
cisco.com/go/securex
learningnetwork.cisco.com
Customer quotes
“A platform approach like SecureX is the future of security at Mohawk Industries. It will make things easier, faster, and we will see much more going on in our environment than ever before. The automation and custom playbooks we have seen in SecureX will make a difference in a zero-trust environment and will improve security for our company even further.”
Michael DeGroote, Infrastructure Consultant
Fortune 315
$10B revenue
42K employees
“One of the most important aspects as a CISO is to make sure I feed intelligence into other agencies. The platform approach gives us excellent, superb stitching-together of forensic investigations.”
Mick Jenkins, Chief Information Security Officer
Top 400 university in the world
3,100 staff
15,000 students
“The harmonized network security and collaborative platform is key when all teams can work together to solve a problem. You’re most vulnerable when you have silos. This platform unifies visibility and taps into DevOps, SecOps, and even infrastructure.”
Collin John, Global Security Manager
Alvarez and Marsal
management consulting for 38% of the Fortune 500
4,500 employees
65 offices, 24 countries
SecureX dashboard and
ribbon for visibility
Deep dive section
A new level of visibility with SecureX dashboard
• Applications (left)
View, launch or trial the integrated products
• Tiles (middle)
Presents metrics and operational measures
from the integrated products
• News (right)
Product updates, industry news, and blog
posts
Have it your way with customizable dashboards
• Up to 5 customizable dashboards
per user
Never lose context with SecureX ribbon
Incidents Find observables on page
Casebook Query
Home endpoints Search Settings
Max/Min
Never lose context with SecureX ribbon
Scenario: What about Bob?
BEFORE: Cannot maintain context of a user, device, app, location, threat or policy when you sign on separately to each security technology
AFTER: Maintain awareness of what is happening across your security infrastructure with SecureX sign on and ribbon with fewer clicks
[Diagram labels: cloud security product sign-on; “Who are you?”; “How can I help?”; Bob visited a bad site; manage cloud; manage endpoint; manage email; cloud security product details; Bob visited a bad site ... and ran a bad file and sent IP to Gmail]
SecureX threat response
Deep dive section
Accelerate investigations in SecureX
SecureX threat response
Aggregate and query global intel and
local context in one view
Investigate with intelligence, context and response
SecureX threat response
• Are these observables suspicious or malicious?
• Have we seen these observables? Where? Which endpoints connected to the domain/URL?
• What can I do about it right now?
Backed by the industry’s best threat intelligence
Threat processing centers
• Analyze network telemetry
• Analyze activity related to suspicious payloads
• Detect and block threats in email messages
See and stop attacks in minutes with a few clicks
SecOps with SecureX threat response
• Extract observables from browser content with 1 click
• Security blogs
• Cisco interfaces
• 3rd-party interfaces
• Query intel and context from your integrated security
• Visualize the impact of threats in your environment
• Isolate hosts
• Block files
• Block destinations
• 85% reduction in time to respond and remediate to an attack
[Graph node labels: Email Address, Malicious URL, Malicious Domain, Suspicious URL, Message, IP, SHA-256, Target Email, Target Endpoint, Target Network]
Or eliminate the clicks, by automating this workflow
SecureX orchestration
with pre-built workflows
Deep dive section
Introducing SecureX orchestration
Process automation made simple with a no/low-code drag-drop interface
• Investigate: Reduce research and response times with workflows and playbooks that execute at machine speed
• Automate: Eliminate repetitive tasks and reduce MTTR to increase productivity and focus on mission-critical projects
• Integrate: Unique turnkey approach to quickly integrate with other systems and solutions to expand your toolbox
• Scale: Automation that scales infinitely and never takes a day off, delivering the same SLA around the clock
Change how teams interact with products
to solve problems
BEFORE: No use cases beyond SecOps, and little collaboration with ITOps and NetOps
AFTER: UNLOCK NEW USE CASES
● Threat hunting
●● Phishing investigation
● Vulnerability management
● Offload Office 365 traffic
● Optimize VPN capacity
●●● Build your own workflow
ITOps
Advance SecOps maturity for threat hunting
Strengthen breach defense
SecOps
• Visit research blogs: Visit Cisco Talos; Visit third parties
• Hunt for IOC activity: Create chat room; Check traffic and connections; Check privilege changes
• Contain threats: Get authorization; Block domains and IPs; Isolate endpoints
BEFORE: Too much human error occurs in less mature teams
Unify ITOps and SecOps for phishing investigation
Strengthen breach defense
SecOps, ITOps
Stages: Email submission; Investigate observables; Mitigate phishing attack
Steps: Extract observables; Enrich observables (IP/hash); Get authorization; Determine verdict; Block domains and IPs; Pre-process and collect threat data; Isolate endpoints; Context from other technologies; Create chat room; Update email spam rules; Add hashes to outbreak list
BEFORE: Lack of context can degrade breach readiness and response
Eliminate ITOps tasks for vulnerability management
Strengthen breach defense
ITOps
• Look for CVE advisories: Visit Microsoft Security Response Center; Visit other CERTs
• Look for vulnerable devices: Is network share present? Is SMB compression disabled? Is Win build 18362 or 18363?
• Create IT service ticket: Describe fix for client/server remote code execution
BEFORE: Can take too long before a breach happens
Eliminate NetOps tasks optimizing VPN capacity
Secure remote workers
NetOps
• Monitor VPN capacity: Monitor active session; Understand maximum allowed VPN session
• Check for defined threshold: Collate data from multiple sites; Has the device load >=70%?
• Create IT service ticket: Request authorization; Deploy additional head-end
BEFORE: Impact on network performance due to lapse in monitoring
Eliminate NetOps tasks offloading O365 traffic
Secure remote workers
NetOps
Stages: Look for Microsoft list; Configure exclusion list; Deploy headend capacity
Steps: IP-based exclusion for O365 traffic defined; Manually convert exclusion list; Create ticket; Identify related FW; Execute commands on FW; Fetch destination JSON IP/domain list; Check for next update batch; Parse FW commands w/Python
BEFORE: Impact O365 performance, VPN saturation due to errors/delay in manual update
Collaborate better by building your own workflow
Simplify complex playbooks
SecOps, ITOps, NetOps
• Incident identification: Triage and prioritize; Create a case; Assign analyst*; Extract observables
• Investigate observables: Aggregate and assess impact; Query multiple technologies; Retrieve disposition; Create a snapshot
• Formulate response: Get authorization; Block domain/isolate hosts; Access management; Update policy+infra changes
BEFORE: Manual steps drain productivity and multiple blind spots