Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2691
Views
10
Helpful
3
Replies

AMP and selfservice

Go to solution
elliottbujan6396
Level 1
Level 1

‎10-22-2018 10:04 AM - edited ‎02-20-2020 09:06 PM

Is there a way to offer our users a self service facility to upload and analyze their files?  Do they have to contact us everytime they have / receive a suspicious file or attachment?

 

thx

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
brmcmaho
Cisco Employee
Cisco Employee

‎10-22-2018 11:04 AM

(Note: I'm assuming that, when you say "upload and analyze", you're talking about the Threat Grid integration in AMP that provides file analysis. If I'm wrong about that, please correct me.)

There is no self-service analysis built in to AMP at the moment. Considering that every customer has a limited number of file submissions within a 24-hour period, I'm not sure that most people would want one. It seems like it would be all too easy for one "enthusiastic" user to burn your organization's entire submission quota with files that aren't all that interesting to look at.

Having said that, if you do need to build a facility like this, you could probably build something like that using the Threat Grid API, although that would require a full Threat Grid subscription, beyond the integration that's included in AMP.

View solution in original post

Go to solution
brmcmaho
Cisco Employee
Cisco Employee
In response to elliottbujan6396

‎10-24-2018 01:59 PM

The exact number is going to depend on how and when your AMP account was set up; current policy (for new customers) is 200 samples per day per organization. Older accounts may be grandfathered in to the previous TG licensing model, which was based on the side of your AMP seat license and/or appliance models.

You can confirm your settings in the AMP console by going to Accounts > Business, and checking under Cisco Threat Grid API. It will tell you how many sample submissions per day you have on your account, and how many submissions are currently available.

View solution in original post

3 Replies 3

Go to solution
brmcmaho
Cisco Employee
Cisco Employee

‎10-22-2018 11:04 AM

(Note: I'm assuming that, when you say "upload and analyze", you're talking about the Threat Grid integration in AMP that provides file analysis. If I'm wrong about that, please correct me.)

There is no self-service analysis built in to AMP at the moment. Considering that every customer has a limited number of file submissions within a 24-hour period, I'm not sure that most people would want one. It seems like it would be all too easy for one "enthusiastic" user to burn your organization's entire submission quota with files that aren't all that interesting to look at.

Having said that, if you do need to build a facility like this, you could probably build something like that using the Threat Grid API, although that would require a full Threat Grid subscription, beyond the integration that's included in AMP.

Go to solution
elliottbujan6396
Level 1
Level 1
In response to brmcmaho

‎10-22-2018 02:42 PM

thanks brmcmacho

submission quota?

0 Helpful

Go to solution
brmcmaho
Cisco Employee
Cisco Employee
In response to elliottbujan6396

‎10-24-2018 01:59 PM

The exact number is going to depend on how and when your AMP account was set up; current policy (for new customers) is 200 samples per day per organization. Older accounts may be grandfathered in to the previous TG licensing model, which was based on the side of your AMP seat license and/or appliance models.

You can confirm your settings in the AMP console by going to Accounts > Business, and checking under Cisco Threat Grid API. It will tell you how many sample submissions per day you have on your account, and how many submissions are currently available.
Customers Also Viewed These Support Documents