Red Sift brings DMARC data to the SOC with new Cisco XDR integration

Today, we’re thrilled to announce that we’re extending our partnership by joining the Cisco Security Technical Alliance and integrating Red Sift OnDMARC with Cisco XDR. This integration builds on the Domain Protection partnership we announced in November 2023 to bring visibility of business email compromise into the SOC (security operations center).

At release, Red Sift is one of five vendors to offer a Verified Integration with Cisco XDR and one of only two vendors that has completed the new XDR Verification process.

What’s an XDR?

“The most basic definition of XDR is the collecting of telemetry from multiple security tools, the application of analytics to the collected and homogenized data to arrive at a detection of maliciousness, and the response to and remediation of that maliciousness.” – IDC, 2023.

XDRs provide security teams with meaningful visibility to investigate incidents and remediate threats. This is done by analyzing and correlating vast data sets across attack vectors such as endpoint, network, firewall, identity, and DNS. This information is used to investigate and assess if anomalies are malicious at which point SOC teams can remediate in an automated way. It’s easy to see why the strength of any XDR lies in its ability to integrate with sources of data and threat intelligence.

However, DMARC data has historically not made the list of integrated data sets. As a result, SOC teams can be blind to bad actors impersonating their domains and sending fraudulent mail through business email compromise (BEC). BEC remains one of the most common cyberattack vectors with annual losses nearing $2.9 billion and an average cost of $137K per incident.

Bringing DMARC visibility into the SOC for the first time

Red Sift OnDMARC now seamlessly integrates with Cisco XDR, bringing DMARC data into the SOC and removing silos across security teams. Operators will have a unified view of BEC and impersonation threats to accelerate the mean time to resolution (MTTR). 

Customers of Cisco XDR and Red Sift OnDMARC can remediate various types of email-based events directly from the XDR interface and share intelligence bi-directionally.

Key use cases for Cisco XDR & Red Sift OnDMARC

Threat response augmentation

Cisco XDR’s primary threat intelligence source is Cisco Talos. This intelligence can be augmented with third-party integrations like Red Sift OnDMARC to expedite data-driven decision-making to better make judgments and verdicts. Red Sift OnDMARC will provide users with specific insights into potential exact domain impersonation, business email compromise as well as DMARC status across an organization.

Removing silos across teams

Analysts can build automated workflows based on the detection of specific incidents by Red Sift OnDMARC to reduce the time spent on investigations. For instance, if a Cisco XDR user identifies an IP as malicious and marks the domain as a threat, this information is automatically pushed into OnDMARC to close the loop with the email security team. 

Try Cisco XDR and Red Sift OnDMARC

If you want to see the Red Sift OnDMARC and Cisco XDR integration in action, please contact your Cisco representative, or visit Red Sift’s booth at Cisco Live (3120-B) in the Security Village from June 2-6 in Las Vegas. More information on our Cisco partnership can be found at https://redsift.com/partners/cisco.

PUBLISHED BY

Rebecca Warren

31 May. 2024

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
Brand Protection

Separating signal from noise when fighting brand spoofing

Rahul Powar

“Alert fatigue” must be the most common malady among cybersecurity professionals. According to a recent survey, 56% of large companies handle 1,000+ alerts each day. For 70% of security professionals, the volume of alerts has doubled in the past few years, with more than 51% of campaigns involving some form of AI-generated brand spoofing.…

Read more
Research

49% of Big Pharma companies are vulnerable to email phishing as weaponized…

Rahul Powar

New analysis from Red Sift of the 100 largest pharma companies shows nearly half of the sector is still open to domain spoofing. Only 51% of companies are at DMARC enforcement (p=reject)—the control that stops spoofed email at the door. Another 13% sit at p=quarantine, which offers limited filtering but does not equal enforcement.…

Read more
News

Red Sift now offered through GuidePoint Security in new partnership

Rahul Powar

Organizations seeking to elevate their cybersecurity posture can now benefit from Red Sift’s advanced innovations, supported by GuidePoint Security’s expertise in aligning the right solutions to each customer’s needs. BOSTON & LONDON, 08:00 ET/ 13:00 BST, 10 September 2025 – Red Sift today announced a strategic reseller partnership with GuidePoint Security, the leading U.S.…

Read more
Awards

From Europe to Asia Pacific: OnDMARC earns global recognition in G2’s Fall…

Francesca Rünger-Field

G2’s Fall 2025 Report is out, and Red Sift OnDMARC continues to earn recognition across the globe. This quarter, we were featured in 19 reports, including a new appearance in the Asia Pacific Regional Grid® Report for DMARC, reinforcing our position as a trusted solution for securing email and protecting brands worldwide. We also…

Read more