Today's attackers are evading prevention defenses by impersonating company employees and leveraging built-in IT admin tools such as PowerShell. Therefore, blue teams are focusing on analyzing user behavior—on and off the corporate network—and adding new monitoring opportunities to catch anomalous activity. Add User Behavior Analytics (UBA), Endpoint Detection and Response (EDR), and Deception technology to your Cisco security infrastructure with Rapid7 InsightIDR.
InsightIDR integrates with Microsoft Active Directory (including Azure AD), Cisco IOS DHCP, and LDAP to bring user behavior analytics to your data. Once you connect these event sources to InsightIDR, activity on your network is automatically correlated to the users and assets behind them. InsightIDR natively ingests data from Cisco ASA Firewall & VPN, Meraki, Sourcefire, and IronPort for log search, reporting, data visualization, and to power our prebuilt threat detections.