01-27-2015 10:36 PM
We heard SIO + SourceFire VRT become talos.
While you have TOC(Threat Operation Center) and CSI(Collective Security Intelligence).
What is difference between them, SIO/CSI/TOC/talos/VRT ?
kind regards,
02-02-2015 04:56 AM
I may be wrong.
But i believe each respective team handles different concerns.
While I cannot give you more details as I myself have not looked into it deeper at this point.
02-02-2015 10:16 AM
Threat Operations Center (TOC) & Security Intelligence Operations (SIO) - http://tools.cisco.com/security/center/home.x
For the ESA - this would relate back as the features for Antivirus (Sophos/McAfee), AntiSpam (CASE), and Virus Outbreak Filters (VOF), and also general OS level threats and vulnerability - which includes our PSIRT organization.
Collective Security Intelligence (CSI) - This comprises multiple teams across Cisco delivering security protections and managed security services. CSI consists of the Security and Trust Organization, Managed Threat Defense (MTD), Security Research and Operations (SRO), and Talos.
Cisco Talos Security Intelligence and Research Group (Talos) - http://www.cisco.com/c/en/us/products/security/talos.html - Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence ecosystem.
Vulnerability Research Team (VRT) - Snort/Sourcefire - http://www.sourcefire.com/solutions/research
For the ESA, this is the newer, next level of features - AMP (Sourcefire), URL filtering, etc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide