Cisco Security and Pure Storage
How Pure Storage and Cisco Security work together
The integration of Pure Storage® FlashArray™ and FlashBlade® with Cisco XDR leverages cutting-edge threat intelligence to substantially improve security visibility across the storage infrastructure. This partnership enables the seamless aggregation and analysis of security data from storage components, providing a more robust and proactive defense.
This powerful combination improves threat detection and response times, leading to a robust security posture and more efficient cyber threat management. Ultimately, it fortifies your defenses against the ever-evolving landscape of cyber threats, ensuring a secure and resilient infrastructure.
Product integration details
This integration provides a suite of automated workflows that are triggered by alerts or incidents on the Cisco XDR portal. These workflows execute actions on Pure Storage FlashArray™ and FlashBlade® target systems, following predefined automation rules. Administrators can tailor these rules to meet specific security requirements.
Leveraging advanced analytics and artificial intelligence, Cisco XDR assesses threat severity and activates the appropriate response measures through these workflows, ensuring rapid and effective mitigation of potential threats within the storage infrastructure.
Pure-Storage-Volume-Snapshot: This workflow performs a volume snapshot operation on the set of volumes configured on the Flash Array (On-Premises Target) using the names provided as an input variable. This operation is triggered by Cisco XDR to safeguard the volume data as a threat response, using action scripts in response to any critical alerts or incidents.
Pure-Storage-Protection-Group-Snapshot: This workflow performs a Protection Group snapshot operation on the set of protection group volumes configured on the Flash Array (On-Premises Target) using the names provided as an input variable. This operation is triggered by Cisco XDR to safeguard the volume data inside the protection groups as a threat response, to any critical alerts or incidents.
Pure-Storage-Delete-User: This workflow performs a user deletion on the Flash Array (On-Premises Target) using the names provided as an input variable. This operation can be triggered by Cisco XDR to safeguard against multiple failed login attempts to the Flash Array.
Pure-Storage-Filesystems-Snapshot: This workflow performs a Filesystem snapshot operation on the set of filesystems configured on the FlashBlade (On-Premises Target) using the names provided as an input variable. This operation is triggered by Cisco XDR to safeguard the filesystem data as a threat response, using action scripts in response to any critical alerts or incidents.