Darktrace /NETWORK
Darktrace /NETWORK is a Network Detection and Response (NDR) offering.
Darktrace /NETWORK is a Network Detection and Response (NDR) offering. In Cisco XDR, we enable Darktrace users to leverage it in investigations and for response actions. In Investigate, Darktrace can respond with detection details for queried hostnames, IP and MAC addresses, and Darktrace DeviceIDs. The Darktrace Integration can also be used in Automation and from the pivot menu to quarantine and unquarantine devices by hostname, Darktrace DeviceID, and IP or MAC address.
These are workflows that you can install in Cisco XDR automation and use with this integration. These are different from built-in workflows which are built into Cisco XDR by default for all customers.
These workflows are built into Cisco XDR automation and can be used with this integration. These are different from installable workflows, which are optional workflows you can install from Cisco and its partners.
These actions can be used in Cisco XDR automation to build workflows for this product. Workflows can help you automate how you investigate, respond to incidents, and more.