Radware Cloud WAF Service Integration

Note: This integration requires Cisco XDR Advantage or Cisco XDR Premier licensing tier.

At its core, Radware's Cloud WAF Service is based on Radware's ICSA Labs certified, market-leading web application firewall and offers full web security protection including OWASP Top-10 coverage, advanced attack protection and 0-day attack protection that automatically adapts your protections to evolving threats and protected assets. These capabilities are provided as a fully-managed offering.

In Cisco XDR, the Radware Cloud WAF Service integration allows users the ability to investigate IP addresses and retrieve records of any attacks detected involving those IP addresses, and to take response actions by adding them to network or application lists.

  1. In the Cisco XDR navigation menu, choose Administration > Integrations.

  2. On the Integrations page, click the Third-Party tab and navigate to the Radware Cloud WAF Service integration.

  3. Click the plus sign (+) in the lower-right corner of the card. The Radware Cloud WAF Service integration page is displayed.

  4. Expand the Integration Guide area and follow the instructions on how to add the Radware Cloud WAF Service integration in Cisco XDR.

You can perform the following tasks after you integrate Radware Cloud WAF Service with Cisco XDR:

  • Investigations - Start a new investigation into IP addresses and see if any records of them exist in your Radware Cloud WAF Service. To verify that this integration is working, and to see what kind of data is returned, investigate one of more observables about which you know Radware Cloud WAF Service has recent information. For details, see Investigate.

  • Pivot Menu - Use the Pivot menu to access actions actions on IP addresses in Radware Cloud WAF Service. Available actions include adding or removing IP addresses from network and application lists.