Cisco XDR Ribbon

XDR Ribbon and Investigation Widgets

Cisco XDR Ribbon - Enhance Threat Investigation

"Cisco XDR Ribbon" is a Chrome extension offered by Cisco that provides a suite of tools for improved visibility, automation, and incident response in cybersecurity. It enables users to extract observables, take response actions, and manage incidents, facilitating efficient threat analysis across integrated products. The extension includes powerful features like the casebook and incidents apps, allowing users to triage incidents and gather information seamlessly while browsing the web, thereby accelerating threat investigations.

Download

Extension stats

By: Cisco XDR

Users: 513

-15

Rating: 5.00

(3)

Version: 1.11.14 (Last updated: 2024-12-05)

Creation date: 2023-11-05

Risk impact: Very high risk impact

Risk likelihood:

Moderate risk likelihood

Manifest version: 3

Permissions:

alarms
activeTab
contextMenus
storage
idle
identity

Host permissions:

https://visibility.int.iroh.site/
https://private.intel.int.iroh.site/
https://conure.int.iroh.site/
https://visibility.test.iroh.site/
https://private.intel.test.iroh.site/
https://conure.test.iroh.site/
https://visibility.apjc.amp.cisco.com/
https://private.intel.apjc.amp.cisco.com/
https://visibility.eu.amp.cisco.com/
https://private.intel.eu.amp.cisco.com/

Size: 1.54M

Email: ro*****@cisco.com

URLs: Privacy policy

Ranking

# 40,773 ▼ 284

Other rankings

#12405 in Tools ▼ 149

Other platforms

Cisco Business (v1.11.1)

3.53

(90) 16,179+

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

Cisco XDR Ribbon Extension

Offered by: Cisco XDR

The Cisco XDR ribbon extension offers a distributed set of capabilities that unify visibility, enable automation, accelerate incident response workflows, and improve threat hunting directly from your browser. These capabilities are presented in the form of applications (apps) and tools in the XDR ribbon. With the combination of the apps and your browser, you can:

Immediately extract observables from arbitrary browser content and get the current Cisco verdict on each observable.
Take response actions on observables via Cisco XDR and your configured integrated products.
Use the casebook app to gather information in one place as you explore sightings across multiple products. The casebook is a powerful and convenient tool for saving, sharing, and enriching your threat analysis. Use it to track notes and other information as you follow leads during your threat investigation across your product suite.
Use the incidents app to triage, investigate, and track high-confidence security incidents from integrated products. You can view the status and summary of the incidents, change the status, link incidents to snapshots, cases, and indicators, and pivot into Cisco XDR to perform investigations.
Use the Orbital app to run live SQL queries against your endpoints.

You can select text on a page or select a single observable, open the context menu, and choose the Cisco XDR menu option. The selection will be inspected for observables and you will be presented with information and actions to help with your investigations.

You can also quickly find observables on the page, use the Pivot menus to create judgements for the observable and associate it with indicators, investigate the observables in Cisco XDR, block or unblock domains, start isolation of endpoints, and pivot to the integrated products to perform additional threat analysis.