https://community.cisco.com/t5/endpoint-security/secure-endpoint-outbreak-control-automated-actions-isolate-test/m-p/4766677#M7292 <P>Hello,<BR />I would like to test the "automated actions" in which the computer is isolated at a "critical severity". What are the basic ways to test this?</P> <P>As an example I would like to test this IOC: <STRONG>JS.Trojan.Generic_48153.ioc</STRONG> <EM>"This IOC fires when a URI pattern similar to this malware has been detected. The components of the URI this IOC inspects for are: "/01/Carontex"."</EM></P> <P>Is it sufficient to call a website that contains this URI to trigger the IOC?</P> <P>Thanks in advance!</P> Wed, 01 Feb 2023 11:41:03 GMT RalphNelson 2023-02-01T11:41:03Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-outbreak-control-automated-actions-isolate-test/m-p/4766677#M7292 <P>Hello,<BR />I would like to test the "automated actions" in which the computer is isolated at a "critical severity". What are the basic ways to test this?</P> <P>As an example I would like to test this IOC: <STRONG>JS.Trojan.Generic_48153.ioc</STRONG> <EM>"This IOC fires when a URI pattern similar to this malware has been detected. The components of the URI this IOC inspects for are: "/01/Carontex"."</EM></P> <P>Is it sufficient to call a website that contains this URI to trigger the IOC?</P> <P>Thanks in advance!</P> Wed, 01 Feb 2023 11:41:03 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-outbreak-control-automated-actions-isolate-test/m-p/4766677#M7292 RalphNelson 2023-02-01T11:41:03Z