Cisco XDR UI displayed on monitor

Cisco XDR

Licenses

Overview Resources Licenses Webinars

Get the full-featured package that best fits your environment

Built by practitioners for practitioners, the Cisco XDR Essentials, Advantage, and Premier tiers allow you to select the solution that best aligns with the needs of your business.

Software featuresCisco XDR EssentialsCisco XDR AdvantageCisco XDR Premier

Security analytics and correlation

This built-in analytics and correlation engine can ingest a vast variety of events and telemetry.

   

Threat intelligence​

Combine multiple sources of threat intelligence, in addition to the built-in Cisco Talos intelligence to improve context.

   

​​Threat hunting

Use advanced threat hunting with a comprehensive, yet simple user experience.

   

​​​​Incident response actions

The built-in Response Playbook allows security analysts and incident responders to quickly respond to a breach.

   

Incident prioritization

Incidents are assigned a priority score and automatically enriched. New, relevant detections discovered during enrichment are added.

   

Asset context

This Insights feature extends the integration framework to collect data about device inventory and posture.

   

User context

This is added to investigation results and enriched incidents to provide better context and speed resolution.

   

Custom automation workflows

This no-to-low-code approach for building automated workflows enables interaction with many types of Cisco and third-party resources and systems.

   

Automation Workflow Exchange

Quickly discover, install, and operationalize new curated automation workflows within a few clicks.

   

Cisco Software Support Services (SWSS) Enhanced

This provides 24/7 tech support, a 30-minute response time, onboarding help, ongoing digital adoption, and an annual security health check.

   

Third-party integrations

Benefit from commercially supported and curated integrations with select third-party tools across a range of vectors.

   

Cisco Managed Detection and Response (MDR)

Cisco security experts provide this managed Cisco XDR service. It includes security validation through pen testing and select Talos IR services.

   

Cisco Talos Incident Response (Talos IR)

Talos IR provides a full suite of proactive and emergency services to help you prepare, respond, and recover from a cybersecurity incident.

   

Cisco Technical Security Assessment (CTSA)

Assess security posture with advice on threats, the capacity for realization, and potential impact on operational resilience.

   

 


5 ways to experience XDR

Explore the top five XDR use cases mapped to the NIST Incident Management Framework.

Take the next step

It's time to go from endless investigation to remediating the highest priority incidents with greater speed, efficiency, and confidence.