Endpoint Security

Any one notice display issues with Analysis > Events only showing 1 event after the Console Upgrade today to v5.3.20160426?

Disable Module 10 ASA Module Malware Protection: Cannot connect to cloud

I'm trying to automate the removal of Fireamp via the command line and its not working.  If I run the command and enter the password it works.  If I run it silently it doesn't.  Any Ideas?  Im using the command line example below for this example Ive...

Is there a way to upload a list or copy and paste a list of IPs and Domains to have them searched in SourceFire? I regularly get alerts from community partners that contain scores of IP addresses and domain names that I need to search through our Clo...

I have quotes from two vendors for a pair of 5508s in HA with AMP.  I'd also like to use the AMP for Endpoints. Obtained quotes from two vendors for a pair of ASA5508s.  I'm looking to add protect 500 Endpoints with AMP. Vendor A provides a quote for...

Is it possible to bypass inspection for a wildcarded site like *.espn.com?

We are thinking of updating to the newest release of FireAMP (or Cisco Advanced Malware Protection for Endpoints as it's called now) and deploying across more systems than we currently have it on. The team who ran the PoC on this last year isn't arou...

I have some questions about AMP Rules about Malware Cloud Lookup with Firepower Management Center(FMC). Some documents says that with these rules, the FMC will sends the SHA256 hash of a file to the cloud for analysis. How the SHA256 hash is calculat...

Hi, AMP for network can capture and inspect files which are transferred through ASA with firepower service , but when we test it with IDM(download the files with Download manager), AMP does not recognized these kind of Files, so what is cisco approac...

I have been notified from AMP of detecting Auto.A29577.201440.in02 from a file with SHA-254: a2957772fba9827bf5fda166282b557947ebf07ca9beadb76ff63c129ee336ea. I've researched in: https://supportforums.cisco.com/discussion/12702996/amp-blocking-window...

We are currently looking to replace our current anti-virus solution (AVG) with a new product.  I have been looking into the new Advance AV products, actually have CrowdStrike Falcon running on some test devices, but wanted to look into AMP since we a...

We have Cisco Firepower with and AMP Malware licence, we also have a SIEM box from a company called LogRythm, we have discovered that we can have access to the Cisco AMP threat grid directly from the SIEM box as long as we have a current AMP license ...

Hi .. Anyone else been experiencing issues with high CPU after upgrading to version 5 of the AMP connector?  I upgraded one of our environments of 40 servers (DC, SQL, APP ...) to version 5 when it came out.  Ever since random servers at random times...

I have a DVD installation disk that is being blocked by AMP.  Any tips on how to exempt this?  I realize that I can exempt the drive, but not I am not sure if all PCs have the same drive number for the DVD / CD drive.