A bit of personal history, self-aggrandizing, product promotion, and a Metallica reference.
I was tasked to get the Cisco Fire Jumper certification a couple of years ago as my company was pursuing the Master Security Partner designation. The company certification consisted of a huge audit of expertise and client interactions as well as hours of presentations in order to determine worthiness. The whole process was quite the undertaking. At that time, Cisco had recently acquired Sourcefire and had integrated it with the ASA. By integrate, I mean they kind of just strapped it on top. They shared a power supply anyway. My role was to explain the attack continuum and demonstrate a number of associated tools providing the features and benefits of each, including the dreaded ASA/Sourcefire hybrid. Despite some of the administrative silliness of the ASA/Sourcefire (Firepower), it provided an effective threat prevention and detection solution. However, at the time I wasn’t fully convinced Cisco provided the best NGFW on the market and I relied on 3rd-party integration products to get more effective threat management.
Today, I am again in a position to use my Fire Jumper skills for a technical audit of the Master Security Partner program. I have been preparing and learning how Cisco accomplishes threat management in order to prove we are up to date on the offering. Since the initial audit years ago I have been exposed to other threat hunting platforms, tied together with various SIEM and SOAR solutions I thought were best of breed.
Now as I jump back into the Cisco world, I am impressed with what they have developed to accomplish an end-to-end security solution. Cisco Advanced Malware Protection, Threat Grid, Threat Response, and Firepower all integrate to provide prevention, detection, and remediation of security threats. I have not seen anything better or more complete to accomplish threat management. What I’m getting at here is that if you have been turned off by Cisco’s incremental and a bit clumsy integration of point products in the past, like I was, take another look. They’ve done great things over the last few years. Finally, the entire cyber kill chain that attackers use against targets is covered with tools that work together.
If you are a Cisco partner looking into the Master Security designation, be prepared for a very comprehensive and, in the end, rewarding experience. Going through threat hunting training and the Fire Jumper program has been invaluable and I am now confident in knowing I am offering my customers the best end-to-end security solution to which I have been exposed. Cisco offers, and I recommend, a threat hunting workshop. Check it out here: https://tinyurl.com/yy3emwcl.
And, as James Hetfield says while shredding a distorted blues scale, “Jump in the fire”!