Cisco Threat Grid Overview

Cisco Threat Grid is the #9 ranked solution in our list of top Threat Intelligence Platforms. It is most often compared to ReversingLabs Titanium Platform: Cisco Threat Grid vs ReversingLabs Titanium Platform

What is Cisco Threat Grid?

Cisco Threat Grid crowd-sources malware from a closed community and analyzes all samples using proprietary, highly secure techniques that include static and dynamic (sandboxing) analysis. It correlates the results with hundreds of millions of other analyzed malware artifacts to provide a global view of malware attacks, campaigns, and their distribution. Security teams can quickly correlate a single sample of observed activity and characteristics against millions of other samples to fully understand its behaviors in a historical and global context. This ability helps analysts effectively defend against both targeted attacks and the broader threats from advanced malware. Threat Grid’s detailed reports, including the identification of important behavioral indicators and the assignment of threat scores, let you quickly prioritize and recover from advanced attacks.

Cisco Threat Grid is also known as Threat Grid, ThreatGrid.

Buyer's Guide

Download the Threat Intelligence Platforms Buyer's Guide including reviews and more. Updated: October 2021

Cisco Threat Grid Customers

Center for Internet Security (CIS), ADP

Pricing Advice

What users are saying about Cisco Threat Grid pricing:
  • "If I remember correctly, the licensing cost is a little bit higher than that of the competitor."

Cisco Threat Grid Reviews

Walaa  Elabbasy
Senior Presales Engineer at BT Al-Saudia
Real User
Top 5
Has good integration with firewalls but has limited file extensions

Pros and Cons

  • "The most valuable feature is the integration with firewalls. It's integrated with AMP so the ecosystem with equal solutions from Threat Grid is good with CISCO products."
  • "They come in and have multiple management solutions but it doesn't scan or doesn't have the ability to look at every file extension."

What is our primary use case?

Our primary use case is to use it to identify unknown files. It checks to see if it's a malicious file or a clean file because this is a sandboxing solution which is why it's used on-prem. They don't want to share their own files to the cloud so they use it on their own prem-solutions. It checks even static or dynamic checking to see if it's clean or it's malicious then it makes a verdict. 

What is most valuable?

The most valuable feature is the integration with firewalls. It's integrated with AMP so the ecosystem with equal solutions from Threat Grid is good with Cisco products.

What needs improvement?

The feedback I get from customers is that it's limited with the extension of files. It doesn't check every extension. Also, customers have some confusion about accessing the systems because sometimes it requires a different portal to access. It's good to have a different portal but sometimes they don't have access to this portal. So if you get the devices, get a subscription, you will need to deal with another portal instead of the traditional Cisco portal. They come in and have multiple management solutions but it doesn't scan or doesn't have the ability to look at every file extension.

For how long have I used the solution?

I have been using Cisco Threat Grid for three to four years. 

What do I think about the scalability of the solution?

Our customers are primarily enterprise-size. 

How are customer service and technical support?

I haven't contacted Technical Access Support because that would require another service phone number. Cisco's other support services are very supportive. They give me free licenses and free access to the cloud. They are very supportive for Threat Grid, Umbrella, and AMP.

How was the initial setup?

Sometimes I go to the cloud. I have set up labs and I don't feel that it is complex for me. So I have some hands-on experience because I work with operations. It is not so difficult to comprehend its initial configuration. It's straightforward.

The deployment only requires one single engineer. If it's for Firepower, we have a dedicated team to secure Cisco security. Some of them deal with Firepower and Threat Grid.

If the deployment is on-prem and we don't have a lot of integration with other systems, it might take five business days to set up.

What's my experience with pricing, setup cost, and licensing?

They have different pricing packages. If you upload around 525 AMP per day, this is a certain cost. If you upload 100 soundbites per day, this is another package cost. If you upload 1000 soundbites per day this is a third package cost. They're basic costs and then they also have advanced rates.

You have a subscription that is a package and then you have the ability to go over to the cloud. If you go on-prem, then you have another cost for the appliances and software.

What other advice do I have?

We have a lot of Cisco security products. There are other competitors who do it better. They have a better market share and you can see they have better visibility on the fleet. They started before Cisco did. Products like Firepower and Palo Alto have their own solution. Palo Alto actually started this concept. They have their own solutions. IBM has its own solutions. But if you heavily use Cisco security products then it is better to go with Cisco Threat Grid.

The biggest lesson that I learned from this solution is that hackers are very smart because even if you use Threat Grid, hackers can bypass these techniques. They have countermeasure techniques to avoid Threat Grid and sandboxing solutions.

I would rate it a seven out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Walaa  Elabbasy
Senior Presales Engineer at BT Al-Saudia
Real User
Top 5
Is easy to implement, has good documentation, and is scalable

Pros and Cons

  • "It is easy to implement and is very scalable. It also comes with very good documentation. Cisco provides good technical support as well."
  • "I was told that the user interface could be more user friendly and easy in comparison to that of competitors. I remember that there is a competitor who has a much easier interface for many users to interact with."

What is our primary use case?

One of our customers works in the public sector for the Saudi government, and we proposed a subscription model for the Threat Grid solution. I think we had a POC before, and the customer liked the concept of Threat Grid. He already had security infrastructure from Cisco, and this would be a seamless integration between Cisco products and with the Cisco Threat Grid. So the use case would be the smooth integration between Cisco security products and Threat Grid.

What is most valuable?

It is easy to implement and is very scalable. It also comes with very good documentation. Cisco provides good technical support as well.

What needs improvement?

The last time I checked, I was told that the user interface could be more user friendly and easy in comparison to that of competitors. I remember that there is a competitor who has a much easier interface for many users to interact with.

I think Cisco Threat Grid needs to have more API gateways with other vendors, and integration between other security suppliers such as Fortinet, IBM, and Palo Alto would be great as well.

What do I think about the scalability of the solution?

Because Cisco Threat Grid is a cloud subscription, scalability is okay. We have had no problems with it. However, if it's on-premises, it might have some limitations due to the hardware and licensing. From our point of view, however, it was good.

How are customer service and technical support?

Cisco's documentation is always good. They have good manuals for implementation, deployment, and also for operation. We use Cisco's documentation to build our LLDs and the manuals for the customer.

Regarding support, Cisco is good.

How was the initial setup?

The initial setup was straightforward. Depending on the system integrator and whether he knows the product and Cisco's products, implementation can be easy. Cisco always has good manuals, so once you read the manual, you will be able to deploy their systems. 

There were no bugs, and it was a straightforward implementation. We usually do a pilot for the customer, and we don't integrate everything in our scope until the pilot is working successfully.

What's my experience with pricing, setup cost, and licensing?

If I remember correctly, the licensing cost is a little bit higher than that of the competitor.

What other advice do I have?

It's a very good product, and I would rate it at nine on a scale from one to ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator