Skip to main content
Download the Buyer’s Guide for Cyber Risk Quantification Solutions
Download Guide
Request a Demo

ThreatConnect and Cisco Secure Access by Duo: Save time during IdAM Investigations

ThreatConnect has partnered with Cisco Security to deliver a Playbook App for joint customers to use Cisco Secure Access by Duo (formerly Cisco Duo). Now, users can automate processes during an internal security investigation when it’s critical to quickly get user information or suspend users involved with a security incident.

The App allows you to:

  • Get user account information, including Groups and Applications the user has access to. This information can be used for making automated decisions about the next steps to take in the investigation as well as helping analysts have the information they need without having to collect it manually.
  • Suspend a user’s account for a time period while an investigation takes place and analysts can confirm that the account is not compromised. This action can be automated as part of a Workflow or Playbook. Later in the process, the account can be unsuspended and the password can be reset automatically.

The app contains the following actions:

  • Activate User
  • Disable User
  • Get User
  • Get User Groups
  • Get User Phones
  • Advanced Request

Together, ThreatConnect and Cisco Secure Access by Duo help you to automate IdAM actions, saving you time during an internal security investigation. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on utilizing the Cisco Secure Access by Duo Playbook App (titled Cisco Duo in our app catalog). If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at

About the Author


By operationalizing threat and cyber risk intelligence, The ThreatConnect Platform changes the security operations battlefield, giving your team the advantage over the attackers. It enables you to maximize the efficacy and value of your threat intelligence and human knowledge, leveraging the native machine intelligence in the ThreatConnect Platform. Your team will maximize their impact, efficiency, and collaboration to become a proactive force in protecting the enterprise. Learn more at