Cohesity DataProtect

Investigate and respond to threats in Cisco XDR with proactive playbook driven protection and restore operations from Cohesity DataProtect.

Integrating Cohesity DataProtect with Cisco XDR allows SOC and IT teams to automatically take a snapshot of business-critical data, early in the incident response process. Automated workflows also allow teams to rapidly recover impacted assets from recent and immutable backup snapshots.

By adding Cohesity DataHawk, analysts gain visibility into any data sensitivity information, identified by DataHawk's data classification capabilities for impacted virtual machines, and incorporate it into the scope of incident response.

Automation

Automatic target creation for Cisco XDR automation

North America

Europe

Asia-Pacific, Japan & China

These are workflows that you can install in Cisco XDR automation and use with this integration. These are different from built-in workflows which are built into Cisco XDR by default for all customers.

Cisco Verified

This workflow is triggered by an incident automation rule and identifies available restore points for impacted assets in Cohesity DataProtect.

Cisco Verified

This workflow appears in the pivot menu and leverages Cohesity DataProtect to restore the selected virtual machine to its most recent backup snapshot.

Cisco Verified

This workflow appears in the pivot menu and enables you to capture snapshots of virtual machines in Cohesity DataProtect.

Cisco Verified

This workflow is triggered by an automation rule when an incident is created in Cisco XDR.