Cisco Duo for Log360 Cloud

Cisco Duo is a cloud-based multi-factor authentication (MFA) and access security solution designed to protect applications and networks from unauthorized access.

It provides strong authentication, adaptive access policies, and detailed security insights to enhance identity protection.

Cisco Duo extension scope

Integrating Cisco Duo with Log360 Cloud enhances security by enabling monitoring, reporting, and alerting on multi-factor authentication (MFA) events. This integration improves visibility into authentication attempts, detects suspicious activities, and generates security alerts.

Additionally, custom widgets provide a clear view of the key security incidents for easier analysis.

Audited events

Authentication events

  • Fraudulent authentications
  • Success and failure authentications
  • User enrollments

Administrator events

    • User management
    • Admin management
    • Group management
    • Policy management
    • Directory sync events
    • External directory management
    • Application management
    • Hard token management

Telephony events

Telephony credits used
cisco duo interface

Release Notes

Version 2

Seamlessly integrated with Log360 Cloud SOAR workflows which ensures quick responses to identity threats by managing authentication and revoking sessions.

Version 1

Collect and analyze Cisco Duo logs to gain deeper insights into authentication and access activities.
By leveraging event patterns, you can enhance identity security, detect risky login behaviors, and respond to threats proactively.

Resources

Configure Cisco Duo Documentation