Cisco XDR Cybersecurity

Empowering SOC Analysts with a Streamlined Solution

Cybersecurity protection requires visibility throughout an organization to detect attacks in progress. The Cisco Threat Detection and Response (TD&R) Design Team wanted to reimagine a solution that could deliver the outcomes for SecOps today and tomorrow. That’s why Cisco introduced its XDR solution in April 2023. The eXtended Detection and Response (XDR) solution supersedes individual security solutions. It is focused on simplifying SecOps workflows with effective detection and response capabilities across workloads, networks, devices, and more. 

CSOC analysts sort through millions of alerts trying to understand the incidents that will lead to a breach and cause significant loss to enterprises. With a focus on empowering novice SecOps analysts, Cisco enlisted our help with a multiphase design process that would provide a deeper understanding of future XDR users and use cases to inform the product’s future vision.

Impact

Together, Cisco and DesignMap designed an intuitive XDR tool that helps novice SecOps analysts minimize their time to detect and respond.

Cisco XDR surfaces only the relevant information needed for an analyst to respond with confidence. It offers risk-based prioritization to ensure analysts’ time is spent on the most critical incidents. 

Discovery

In Discovery, we sought to understand the pain points created by products across the industry and prioritized the problems that would have the greatest user impact.

SOC Analyst interviews revealed that many people entering this role are Junior Analysts with limited security experience. Previous tools were mainly designed for senior people. Addressing the Junior Analyst’s struggles became the product backbone of Cisco XDR.

Outcome

Cisco XDR delivers a simplified experience for enterprise Cyber SecOps Analysts of all levels. A workflow that once used more than three tabs, three objects, 18+ steps, and copy/pasting can now be completed using one tab and one object.

The improved UX makes it easier for people to proactively identify and mitigate potential threats, reducing the risk of successful cyberattacks.