Technology Integration
Important
Medium
80% Confidence
Cisco Validates Layered SOC Defense Architecture Through Live Exercise
Summary
Cisco's security team deployed an integrated SOC solution in a 48-hour live exercise, demonstrating a three-layer defense architecture inspired by the Dutch Delta Works. The architecture integrates Cisco's own products (XDR, FTD, SNA) with acquired assets (Splunk, Endace) for closed-loop analysis from traffic monitoring to attack forensics.
Key Takeaways
Cisco's security team conducted a 48-hour 'SOC-in-a-box' exercise, successfully deploying a security operations center protecting a small city-scale network. The briefing detailed a three-layer defense architecture inspired by the Dutch Delta Works: a foundation layer (SNA + NetFlow for continuous monitoring), a dynamic protection layer (Firepower Threat Defense for intelligent blocking), and an intelligent coordination layer (XDR + Splunk for advanced orchestration). The team demonstrated end-to-end analysis from XDR alerts to Endace forensics.
Why It Matters
demonstrated the deep integration capability of acquired assets and its own products...