Cisco Threat Grid combines advanced malware analysis and global threat intelligence, enabling businesses to protect against sophisticated cyber threats. It provides crucial insights for cybersecurity teams to make informed decisions and improve security operations.

| Product | Mindshare (%) |
|---|---|
| Cisco Threat Grid | 1.4% |
| Recorded Future | 6.7% |
| CrowdStrike Falcon | 4.5% |
| Other | 87.4% |

Cisco Threat Grid pricing varies based on deployment type and feature set. Subscription costs can start from $30,000 per year for basic packages, with enterprise solutions reaching up to $150,000 annually. Users indicate that additional costs may arise for advanced features and support services. The solution is considered a significant investment for large organizations seeking robust threat intelligence capabilities.
Designed to assist cybersecurity professionals, Cisco Threat Grid offers an integrated platform that analyzes and correlates malware behavior with an extensive library of threat intelligence. This helps organizations detect, understand, and reduce the impact of malware attacks. The platform accelerates response times by providing accurate threat context and actionable insights, vital for bolstering cybersecurity defenses in today's digital landscape.
What important features does Cisco Threat Grid offer?
In industries such as finance, healthcare, and government sectors, Cisco Threat Grid is implemented to address specific cybersecurity challenges. Its ability to deliver rapid and detailed threat intelligence makes it an essential component in environments where data protection is paramount. These industries benefit from its capability to swiftly identify threats, enabling proactive defense mechanisms to safeguard sensitive information.
Cisco Threat Grid was previously known as Threat Grid, ThreatGrid.
Center for Internet Security (CIS), ADP
| Author info | Rating | Review Summary |
|---|---|---|
| GRC Cyber Security Consultant at RMG Connect -Reporting | 3.5 | I use Cisco Threat Grid for endpoint security and appreciate its simple implementation. However, I find that the integration of the management file into the environment needs improvement. I haven't considered other solutions or cloud providers. |
| Senior Presales Engineer at BT Al-Saudia | 3.5 | I find Cisco Threat Grid valuable for identifying unknown files, especially its strong integration within the Cisco ecosystem. However, I am concerned about its limited file extension support and complex management portals. Overall, I rate it a seven out of ten. |
| Senior Presales Engineer at BT Al-Saudia | 4.5 | I rate Cisco Threat Grid highly (9/10) for its easy implementation, scalability, and good support. However, its user interface could be more friendly, and the licensing cost is somewhat higher than competitors. |

The solution is used for endpoint security.
The simplicity of implementation is valuable.
The way the management file is integrated into the environment must be improved.
Currently, I am using the solution.
The tool is stable. We did not have any issues with it.
I rate the tool’s scalability a seven out of ten. Around 100 people in my organization are using the product.
The technical support is average. Support must be improved. The response time must be improved.
The initial setup is easy. It took us four days to deploy the tool.
The solution’s pricing is average.
Overall, I rate the tool a seven or eight out of ten.
Our primary use case is to use it to identify unknown files. It checks to see if it's a malicious file or a clean file because this is a sandboxing solution, which is why it's used on-prem. They don't want to share their own files to the cloud, so they use it on their own on-prem solutions. It even does static or dynamic checking to see if it's clean or malicious, then it makes a verdict.
The most valuable feature is the integration with firewalls. It's integrated with AMP so the ecosystem with equal solutions from Threat Grid is good with Cisco products.
The feedback I get from customers is that it's limited with the extension of files. It doesn't check every extension. Also, customers have some confusion about accessing the systems because sometimes it requires a different portal to access. It's good to have a different portal but sometimes they don't have access to this portal. So if you get the devices, get a subscription, you will need to deal with another portal instead of the traditional Cisco portal. They come in and have multiple management solutions but it doesn't scan or doesn't have the ability to look at every file extension.
I have been using Cisco Threat Grid for three to four years.
Our customers are primarily enterprise-size.
I haven't contacted Technical Access Support because that would require another service phone number. Cisco's other support services are very supportive. They give me free licenses and free access to the cloud. They are very supportive for Threat Grid, Umbrella, and AMP.
Sometimes I go to the cloud. I have set up labs and I don't feel that it is complex for me. So I have some hands-on experience because I work with operations. It is not so difficult to comprehend its initial configuration. It's straightforward.
The deployment only requires one single engineer. If it's for Firepower, we have a dedicated team to secure Cisco security. Some of them deal with Firepower and Threat Grid.
If the deployment is on-prem and we don't have a lot of integration with other systems, it might take five business days to set up.
They have different pricing packages. If you upload around 525 AMP per day, this is a certain cost. If you upload 100 soundbites per day, this is another package cost. If you upload 1000 soundbites per day this is a third package cost. They're basic costs and then they also have advanced rates.
You have a subscription that is a package and then you have the ability to go over to the cloud. If you go in-prem, then you have another cost for the appliances and software.
We have a lot of Cisco security products. There are other competitors who do it better. They have a better market share and you can see they have better visibility on the fleet. They started before Cisco did. Products like Firepower and Palo Alto have their own solution. Palo Alto actually started this concept. They have their own solutions. IBM has its own solutions. But if you heavily use Cisco security products then it is better to go with Cisco Threat Grid.
The biggest lesson that I learned from this solution is that hackers are very smart because even if you use Threat Grid, hackers can bypass these techniques. They have countermeasure techniques to avoid Threat Grid and sandboxing solutions.
I would rate it a seven out of ten.
One of our customers works in the public sector for the Saudi government, and we proposed a subscription model for the Threat Grid solution. I think we had a POC before, and the customer liked the concept of Threat Grid. He already had security infrastructure from Cisco, and this would be a seamless integration between Cisco products and with the Cisco Threat Grid. So the use case would be the smooth integration between Cisco security products and Threat Grid.
It is easy to implement and is very scalable. It also comes with very good documentation. Cisco provides good technical support as well.
The last time I checked, I was told that the user interface could be more user friendly and easy in comparison to that of competitors. I remember that there is a competitor who has a much easier interface for many users to interact with.
I think Cisco Threat Grid needs to have more API gateways with other vendors, and integration between other security suppliers such as Fortinet, IBM, and Palo Alto would be great as well.
Because Cisco Threat Grid is a cloud subscription, scalability is okay. We have had no problems with it. However, if it's on-premises, it might have some limitations due to the hardware and licensing. From our point of view, however, it was good.
Cisco's documentation is always good. They have good manuals for implementation, deployment, and also for operation. We use Cisco's documentation to build our LLDs and the manuals for the customer.
Regarding support, Cisco is good.
The initial setup was straightforward. Depending on the system integrator and whether he knows the product and Cisco's products, implementation can be easy. Cisco always has good manuals, so once you read the manual, you will be able to deploy their systems.
There were no bugs, and it was a straightforward implementation. We usually do a pilot for the customer, and we don't integrate everything in our scope until the pilot is working successfully.
If I remember correctly, the licensing cost is a little bit higher than that of the competitor.
It's a very good product, and I would rate it at nine on a scale from one to ten.