Monitor your Cisco Umbrella network logs with Datadog Cloud SIEM
Cisco Umbrella is a platform for monitoring and maintaining DNS-layer security across networks, detecting malicious behavior like DNS hijacking and spoofing. However, the sheer volume of logs it generates can overwhelm security teams. Datadog's Cisco Umbrella DNS integration enables users to collect and process these logs, visualize data, generate metrics, and alert on various network activities from a centralized platform. The integration also provides out-of-the-box automatic detection of suspicious network activity and enhanced visibility into security posture with customizable dashboards. Datadog Cloud SIEM continuously scans Cisco Umbrella DNS logs for potentially malicious activity, generating security signals that can be correlated with observability data and third-party alerts. Users can create custom detection rules or use pre-configured rules aligned with the MITRE ATT&CK® framework to automate alerts and remediation for suspicious activities. Additionally, two out-of-the-box dashboards provide a high-level view of DNS and proxied network activity, offering essential insights that help security teams quickly assess their environment's health and security.
Company
Datadog
Date published
Nov. 11, 2024
Author(s)
Vera Chan, Jason Hunsberger
Word count
956
Hacker News points
None found.
Language
English