Cisco Security and Cohesity

DEFEND YOUR DATA, REFUSE the RANSOM with COHESITY & CISCO

Fight ransomware attacks with a first-of-its-kind integrated data protection solution with Cisco XDR.

Cohesity radically simplifies data management. We make it easy to protect, manage, and derive value from data — across the data center, edge, and cloud. We offer a full suite of services consolidated on one multicloud data platform: backup and recovery, disaster recovery, file and object services, dev/test, and data compliance, security, and analytics — reducing complexity and eliminating mass data fragmentation. Cohesity can be delivered as a service, self-managed, or provided by a Cohesity-Powered partner.

Integration Overview:

  • Cisco XDR: Integrating Cohesity DataProtect with Cisco XDR allows SOC and IT teams to automatically take a snapshot of business-critical data as often as needed, early in the incident response process. Automated workflows also allow teams to rapidly recover impacted assets from recent and immutable backup snapshots.

XDR Automate Exchange workflows:

  • Cohesity - Take Protection Group Snapshot
    This workflow appears in the pivot menu and enables you to capture snapshots of virtual machines in Cohesity Data Cloud. Snapshots are taken for all virtual machines in the protection group to which the selected virtual machine belongs. Supported observable: serial number
  • Cohesity - Take Protection Group Snapshot for Affected VMs
    This workflow is triggered by an automation rule when an incident is created in Cisco XDR. When triggered, the workflow will identify assets in the incident and attempt to take a snapshot of each asset using Cohesity Data Cloud.
  • Cohesity - Identify Restore Point for Affected Virtual Machines
    This workflow is triggered by an automation rule as soon as an incident is created in Cisco XDR. Once triggered, the workflow retrieves the list of virtual machine assets associated with the incident and then determines the most recent and viable restore point for each virtual machine in Cohesity Data Cloud.
  • Cohesity - Restore Virtual Machine to Most Recent Snapshot
    This workflow appears in the pivot menu and leverages Cohesity Data Cloud to restore the selected virtual machine to its most recent backup snapshot. Supported observable: serial number

Useful links