Cisco Talos – Cisco’s Threat Intelligence Organization

Cisco Talos is Cisco Security’s threat intelligence organization. The Cisco Talos intelligence group comprises security experts, world-class researchers, analysts, and engineers who provide state-of-the-art international security research, technologies, techniques, and services that protect their customers against known and emerging threats. Aside from protecting Cisco customers’ networks from the bad guys, they also stop any detected threats to protect the Internet in general.

Cisco Talos Teams and the Talos 7 Key Areas

The Cisco Talos team was formed by uniting the following Cisco security research teams:

  1. IronPort Security Applications (SecApps)
  2. Sourcefire Vulnerability Research Team (VRT)
  3. Threat Research, Analysis, and Communications (TRAC) Team

Cisco Talos incorporates the following seven key areas:

  1. Threat Intelligence & Interdiction – correlates and tracks threats.
  2. Detection Research – detects and analyzes malware and vulnerabilities.
  3. Engineering & Development – updates and maintains inspection engines, develops security systems and tools.
  4. Vulnerability Research & Discovery – develops programmatic and replicable methods to determine high-priority vulnerabilities.
  5. Communities – handles education and knowledge, marketing and media, and Talos websites.
  6. Global Outreach – conducts specialized research and disseminates Talos intelligence.
  7. Talos Incident Response – offers proactive and reactive services to assist their customers in preparing for, responding to, and recovering from a breach.

Threat Intelligence

Cisco Talos security experts actively locate and report vulnerabilities detected in customers’ software and assist vendors in eliminating them. This is achieved through numerous industry partnerships, customer feedback, and threat intelligence analysis, in addition to product telemetry and proactive discovery. Talos receives intelligence from the following feeds, which no other cybersecurity research team can match:

  • Advanced Microsoft and industry disclosures
  • Advanced Malware Protection (AMP) community
  • ClamAV, Immunet, SenderBase, Snort, SpamCop, Talos user communities, and Cisco Threat Grid
  • Honeypots
  • Sourcefire Awareness, Education, Guidance, and Intelligence Sharing (AEGIS) program

Cisco Talos Telemetry

Cisco Talos supports two-way telemetry and protection across prime security solutions, both open source and commercial, including Cisco’s Advanced Malware Protection (AMP), Cloud Email Security (CES), Cloud Web Security (CWS), Email Security Appliance (ESA), Next-Generation Intrusion Prevention System (NGIPS), Next-Generation Firewall (NGFW), Web Security Appliance (WSA), Stealthwatch, ThreatGrid, and Umbrella.

Talos’ comprehensive and integrated portfolio encompasses endpoint, network, cloud, edge, data center, desktop, mobile, IPS, firewall, DNS, and more. This breadth provides an understanding of threats from the biggest to the smallest, their root causes, and the scope of outbreaks.

All of the data collected from these various sources is used to build extensive threat intelligence, which is incorporated into security products and solutions to provide protection against a wide range of threats. Cisco Talos provides coverage against newly discovered vulnerabilities while the affected vendors develop and test their patches.
