BlueApp for Cisco Umbrella

Automate Malicious Domain Blocking with the BlueApp for Cisco Umbrella

  • Cisco Umbrella
  • Gateway
  • Detection
  • Response

See All BlueApps + Plug-ins >
BlueApps extend USM Anywhere’s threat detection and orchestration capabilities to other security tools at no additional cost.
Learn more ›

The BlueApp™ for Cisco Umbrella delivers advanced security orchestration capabilities between AlienVault® USM Anywhere™ and Cisco Umbrella (formerly OpenDNS), shortening the time from threat detection to response through security automation.

With the pre-built orchestration between these two products, you can close the loop between threat detection and response, without any of the heavy lifting typically required to integrate multiple security IT tools.

  • Shorten the time from threat detection to threat response with automation
  • Save time, money, and headaches in integrating multiple IT security tools 
  • Gain more visibility of your internet traffic by monitoring Cisco Umbrella logs directly within USM Anywhere
  • Automate or trigger response actions within USM Anywhere to block malicious domains in Cisco Umbrella

Get multiple security capabilities in one unified platform

Asset Discovery
Vulnerability Assessment
Intrusion Detection
Behavioral Monitoring
SIEM and Log Management

How It Works:

  1. USM Anywhere collects, enriches, and analyzes inbound and outbound network traffic log data from Cisco Umbrella.

  2. USM Anywhere detects any malicious inbound or outbound network traffic, such as a phishing email or malware communicating to a C2 server. When a threat is detected, USM Anywhere raises an alarm.

  3. Keying off the alarm, you can define an automated orchestration rule to send the malicious domain data to Cisco Umbrella. You can also manually trigger the action from the alarm.

  4. Cisco Umbrella uses this threat data to block any further communications between your employees and assets to that malicious domain.

Ready to get started?  See detailed instructions here ›

Go Deep: Read the BlueApp for Cisco Umbrella Datasheet

Read the Datasheet

Why You’ll Love the BlueApp for Cisco Umbrella


  • Detect threats against your internet traffic directly in USM Anywhere and be alerted to high-priority alarms
  • Investigate alarms efficiently with all the contextualized threat data you need in a single pane of glass 
  • Create automatic policy actions towards Cisco Umbrella for rapid threat response

Save Time & Money

  • Reduce the time and expense of integrating multiple security products
  • Centralize your security monitoring across cloud and on-premises environments

Leverage Best-in-Class Threat Intelligence 

When you use the combination of AlienVault and Cisco, you get the benefit of layered threat intelligence from the AlienVault Labs Security Research Team, the AlienVault Open Threat Exchange® (OTX™), and Cisco Talos. 

Get price Free trial