Issue link: https://insights.oneneck.com/i/1469039
CHAPTER 4 SASE Components and the Cisco Approach 31 These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. Cloud access security broker (CASB) functionality Cisco Umbrella exposes shadow IT by providing the capability to detect and report on the cloud applications that are in use across your environment. Umbrella App Discovery provides: » Extended visibility into cloud apps in use and traffic volume » App details and risk information » Capability to block/allow specific apps CASB insight enables better management of cloud adoption, risk reduction, and the capability to block the use of offensive or inap- propriate cloud applications in the work environment. Interactive threat intelligence Cisco Umbrella analyzes over 200 billion DNS requests daily, taken from Cisco's global network into a massive graph database. It also continuously runs against statistical and machine learn- ing models. This information is constantly analyzed by Umbrella security researchers and supplemented with intelligence from Cisco Talos to efficiently discover and block an extensive range of threats. Umbrella is powered by this threat intelligence, and Cisco provides you access to that data to enable you to accelerate threat response and detection. Analysts can leverage Umbrella Investigate for rich intelligence about domains, IPs, and malware across the Internet. Investigate provides: » Deep visibility into current and future threats » Better prioritization of incident investigations » Faster incident investigations and response Cisco's unique view of the Internet enables Umbrella to uncover malicious domains, IPs, and URLs before they're used in attacks, and helps analysts to accelerate investigations.