Cisco Umbrella
Experience the power of CompassOne
Get a DemoIntegrate. Simplify. Protect.
Easily meet compliance and retention goals by capturing and storing Cisco Umbrella security events and logs. Deploy a powerful, lightweight SIEM without the heavy cost or complexity of traditional solutions.
Cisco Umbrella + Blackpoint Overview:
01Effortless log collection
Easily gather real-time Cisco Umbrella data including DNS, firewall, intrusion, and proxy events.
02Satisfy compliance, insurance, and regulatory needs
Capture and store logs essential for regulatory frameworks, cyber insurance policies, and routine audit reviews. Easily retrieve logs with built-in search capabilities to support review cycles.
03Predictable and affordable billing
Say goodbye to unpredictable fees and complicated log pricing models. CompassOne offers straightforward, monthly flat-rate billing per Cisco Umbrella integration. No data tiers and no surprises.
04Robust log search
Drill down fast with time filters, field-level sorting, keyword searches, and advanced queries to make incident reviews and investigations efficient.
05Capture critical endpoint network security events
Understand endpoint and user activity with detailed visibility into DNS queries, firewall activity, intrusion attempts, and proxy usage from Cisco Umbrella.
06Complimentary and extended storage
Get 12 months of Cisco Umbrella reporting event storage at no additional cost. Longer retention options are available at a predictable monthly rate.
07Supports security investigations
Integrating your Cisco Umbrella data provides additional telemetry that the 24/7 Blackpoint SOC may use during event triage and incident investigations.
08Simple setup
Create a new API token in the Cisco Umbrella web application, add the token into the CompassOne portal, and watch events appear.