About this report
This report features data drawn from Cisco Umbrella’s DNS resolution and application discovery capabilities. The data is from paying Cisco Umbrella customers and has been de-identified, aggregated into categories, and anonymized. The data consists of IP addresses, the owners of IP addresses, locations, the types of services accessed via IP, and whether applications and services were blocked by customers of our software. (Customers may block specific services or software based on threat intelligence and their own security policies and controls.) In some cases, outliers were removed to focus on the primary applications and trends.
Most of the data was collected on a daily basis between November 1, 2020, and March 29, 2021. In some instances, where stated, data was collected during the 2020 calendar year or from other time periods as disclosed.
Cisco Umbrella’s global cloud architecture processes 620 billion internet requests every day at the moment a request is made. This real-time DNS data is further enriched with diverse public and private data feeds. Our application discovery service discovers tens of thousands of applications annually, controlling more than 3,000 applications and counting.
With such a massive and diverse data set, we have a unique perspective on global DNS and cloud application traffic. Our threat analysis — based on aggregated DNS query logs paired with scrubbed and anonymized customer demographic information — is ideally suited for uncovering patterns that signal malicious behavior.
All analyses, statements, and claims made in this report, unless otherwise cited and sourced, are derived from Cisco Umbrella’s DNS resolution and application discovery capabilities. As such, the findings discussed in this report will reflect the perspectives limited by Cisco Umbrella capabilities.
To read full download the whitepaper:
2021 cloud application security
