Call a Specialist Today! 800-886-5369

Cisco Umbrella Investigate: Investigate attacks like never before

Attackers are already pivoting through your infrastructure. What if you could pivot through theirs?


Cisco Umbrella Investigate

Umbrella Investigate gives the most complete view of the relationships and evolution of internet domains, IPs, and files — helping to pinpoint attackers’ infrastructures and predict future threats. No other vendor offers the same level of interactive threat intelligence — exposing current and developing threats. Umbrella delivers the context you need for faster incident investigation and response.

Investigate console

1. Risk score

Access reliable threat scoring with rich visibility into what contributes to the score so you can triage faster.

2. DNS request patterns

See up-to-the minute views of DNS requests to a particular domain. A sudden spike in traffic may indicate malicious activity.

3. Passive DNS

Get deeper context on the domain with a snapshot of key events and tagged security categories for the past 5 years.

Investigate Console
Avanade use case

How Avanade uses Investigate for security and business decisions

Investigate is a swiss army knife of trying to understand endpoints on the internet. By using Investigate, it gives us that insight into why that’s happening, and how do we make the right business decision. Because blocking something is a business decision, it’s not always a technology decision.

Joseph Paradi
Executive – ITS Enterprise Services, Avanade

The Investigate Advantage

Access our realtime threat intelligence to:

Proactively protect users

Uncover attacker infrastructure and stop attacks before they launch

Better prioritize incidents

Identify what alerts need additional investigation

Speed investigations

Gain greater context for faster decision making and remediation

Intelligence that stacks up

Umbrella stops attacks from getting to your network or endpoints. Statistical and machine learning models combined with intelligence from Cisco Talos web reputation, Cisco Advanced Malware Protection (AMP) file reputation and AV engines for the most complete view of the relationships and evolution of internet domains, IPs, and malware. Easily enrich investigations with third-party integrations to amplify existing investment and…

  • 72% of customers reduced investigation time by 50% or more with Cisco Umbrella Investigate.

  • More than half of Umbrella respondents saw a reduction in malware infections by 75% or more

Partner Integrations

Leveraging Investigate for efficient incident response and predictive security

Before we used the Investigate API in our incident response process, it might have taken our incident responders many hours, or even days, to respond to an incident. Now we’ve automated much of that process, so we can get it down to a very quick and efficient few minutes.

Vivek Raman
Head of Security, Yelp

Yelp Use Case

Questions? We're here to help.

From offering expert advice to solving complex problems, we've got you covered. Get in touch with a Cisco Solutions Specialist today to learn more!