cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3022
Views
8
Helpful
2
Replies

SIO/CIS/TOC/talos/VRT

shigeki KOITO
Level 1
Level 1

We heard SIO + SourceFire VRT become talos.

While you have TOC(Threat Operation Center) and CSI(Collective Security Intelligence).

What is difference between them, SIO/CSI/TOC/talos/VRT ?

 

kind regards,

2 Replies 2

Mathew Huynh
Cisco Employee
Cisco Employee

I may be wrong.

But i believe each respective team handles different concerns.

While I cannot give you more details as I myself have not looked into it deeper at this point.

Robert Sherwin
Cisco Employee
Cisco Employee

Threat Operations Center (TOC) & Security Intelligence Operations (SIO) - http://tools.cisco.com/security/center/home.x

For the ESA - this would relate back as the features for Antivirus (Sophos/McAfee), AntiSpam (CASE), and Virus Outbreak Filters (VOF), and also general OS level threats and vulnerability - which includes our PSIRT organization.

Collective Security Intelligence (CSI) - This comprises multiple teams across Cisco delivering security protections and managed security services. CSI consists of the Security and Trust Organization, Managed Threat Defense (MTD), Security Research and Operations (SRO), and Talos.


Cisco Talos Security Intelligence and Research Group (Talos) - http://www.cisco.com/c/en/us/products/security/talos.html - Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence ecosystem. 

Vulnerability Research Team (VRT) - Snort/Sourcefire - http://www.sourcefire.com/solutions/research

For the ESA, this is the newer, next level of features - AMP (Sourcefire), URL filtering, etc.  

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: