Our digital world is expanding at a phenomenal rate opening new attack vectors for cybercrime. At the same time, cybercriminals are continuously devising new techniques that increase the efficiency of their attacks. So, how can the “good guys” stay ahead of the bad actors? Just detecting and tracking new threats is not enough. What’s needed to stay ahead of tomorrow’s exploits is the proactive approach for comprehensive security and threat intelligence that Talos provides.
Talos Takes the Initiative
Cisco Talos Intelligence Group is a threat intelligence organization devoted to providing superior protection to customers using Cisco products and services. One of the largest commercial threat intelligence teams in the world, Talos is comprised of world-class cybersecurity researchers, analysts, and engineers. Talos defends Cisco customers against known and emerging threats, discovers new vulnerabilities, and interdicts cyber-threats before they cause further harm to the internet at large. Talos also contributes information to numerous open-source and commercial threat protection systems and works closely with several community-based cybersecurity organizations such as Snort.org, ClamAV, and SpamCop.
Unrivaled Visibility and Telemetry
Talos collaborates with the Cisco’s Incident Response, Penetration Testing, and Advanced Services teams to gather cybersecurity data that spans across networks, endpoints, cloud environments, virtual systems, and daily web and email traffic into an overall intelligence stream used to develop and distribute protection to Cisco customers. This unrivaled telemetry of data gives Talos visibility and context to data, which provides them with unique insights into targeted attacks and advanced persistent threats. The combined expertise of their world-class team of engineers and analysts, along with unrivaled cybersecurity data collection, and sophisticated systems enable Talos to create accurate, rapid, and actionable threat intelligence.
Intelligence Gathering and Analysis
Talos has developed one of the most comprehensive intelligence gathering and analysis platforms in the industry. It gathers data from a variety of sources, including:
- Community Driven Threat Intelligence: Talos receives valuable intelligence through ClamAV, SNORT, Immunet, SpamCop, Talos Reputation Center, Threat Grid, and other user communities. Talos also collaborates with users around the globe with the Crete program, a collaborative exchange between Talos and Cisco FirePOWER customers, to detect regionalized threats as they emerge.
- Public and Private Intelligence Feeds: Talos analyzes numerous feeds every day for new threats and acts on information in real time to develop new detection content.
- Real-Time Malware Intelligence: Talos collects more than a million malicious software samples each day acquired from product telemetry, honeypots, sandboxes, and industry partnerships.
- Research: Talos identifies, investigates, and documents new threats and cybercriminals.
Cisco Collective Security Intelligence
Talos is the primary contributor of threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. CSI comprises several teams across Cisco delivering industry-leading security protections and managed security services across multiple solutions. In addition to Talos, CSI includes Cisco’s Security and Trust Organization, Managed Threat Defense Team, and Security Research and Operations. CSI is driven by threat researchers, intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.
Comprehensive and Proactive Approach
Talos provides a comprehensive and proactive approach to network security. It has a long history of leadership and success in the industry. Talos focuses on high-quality, customer-driven security research that sets the bar for accuracy and relevance. Their research and intelligence gathering translate directly into award-winning products and services. These products directly contribute to Talos’ telemetry, which in turn provides threat detection for any environment to protect all types of assets.
For example, Cisco Advanced Malware Protection (AMP) for Endpoint blocks malware at point-of-entry, and continuously monitors for threats. AMP for Endpoint includes global threat intelligence from the Talos security team including, threat alerts, file monitoring, and malware logs. AMP shares the threat intelligence with network security, email security, and web security appliances; resulting in an interconnected environment of malware protection solutions that exchange threat intelligence and learn from one another.
Talos also utilizes this extensive threat intelligence to make the internet safer for everyone. It releases numerous open-source research and analysis tools and makes a variety of free software, services, resources and data available to the public. Additionally, Talos promotes an informed security community by posting their research and information about new threats on their blogs, newsletters, social media, and podcasts.
Travis Niedens, Senior Security Solutions Engineer at Cerium, is impressed with the work Talos is doing, “Talos is one of the best security approaches I have seen in my career” Travis said. “Their approach addresses security needs in various ways including creating rules for industry-leading security products, researching emerging and current security risks and publishing blogs to discuss current security issues. This group and the infrastructure they use represents a major investment by Cisco and commitment to security.”
Cisco Security Offerings
Cisco provides a wide range of products and services that rely on insight from Talos to help secure networks from sophisticated cybersecurity threats. If you use Cisco security products, you’re harnessing the power of Talos’ threat intelligence. Talos is just one of the ways Cisco demonstrates its deep commitment to cybersecurity and keeping the internet safe for everyone.
Cerium’s Cisco Gold Certification places us in the top echelon of technology advisers. Combining our Cisco expertise with our value-added services portfolio uniquely positions Cerium to serve as your trusted technology adviser for deploying Cisco solutions that can prevent malicious threats to your network and protect your critical data.
