Cisco Secure WAF and Bot Protection Integration

1. In the Cisco XDR navigation menu, choose Administration > Integrations.

2. On the Integrations page, click the Cisco tab and navigate to the Cisco Secure WAF and Bot Protection integration.

3. Click Get Started. The Cisco Secure WAF and Bot Protection integration page is displayed.

4. Expand the Integration Guide area and follow the instructions on how to add the Cisco Secure WAF and Bot Protection integration in Cisco XDR.

You can perform the following task after you integrate Cisco Secure WAF and Bot Protection with Cisco XDR:

• Investigate - Start a new investigation into IP addresses and see if any records of them exist in your Cisco Secure WAF and Bot Protection. To verify that this integration is working, and to see what kind of data is returned, investigate one or more observables about which you know Cisco Secure DDoS Protection has recent information. For details, see Investigate.

• Pivot Menu - Use the Pivot menu to access actions on IP addresses in Cisco Secure WAF and Bot Protection. Available actions include moving IP addresses onto or off of network and application lists.