Endpoint Security

I am very new to this Cisco product, and am currently going through some vendor security questions, and one of the questions is if our end user security will generate a log in the case of a failure to write a separate log. This might be a very simple...

Early on 5\21\2022, Cisco Endpoint Protection trapped this event:  'detected a Cloud IOC: Executed Malware IOC'. It was classed as 'AMADEY' Malware.  Because it was classified as a HIGH threat, and we have automated actions enabled, the affected comp...

Hello! I'm looking for a bug listing for AMP. Specifically, where new bugs are acknowledged to exist by Cisco. The most recent example of the IOC for chrome.exe is an example. I did receive an email, but I'm searching for where this bug is listed alo...

Lastnight I received many alerts about the Chrome update being indentified as Malware, until around 10PM EST, when a retrospective Malware alert was received making that file as Clean.Did anyone else see this same behavior?

I have this warning from Cisco AMP and I don't know how to solve it. Could anyone please help me in this? chrome.exe has been detected as W32. Trojan.NM.Quarantine was successful.

hi there, I've enrolled some computers in AMP and now want to "link" computers to users. I've checked the documentation and I haven't found any possible solution. When I go in Insight in SecureX and see the device, I see a field "Associated user" whi...

Hi all, Does Cisco AMP Supports Anti bot ? . My Requirement is something like thisit should complements existing endpoint security solutions by monitoring network ports for rogue activity and detecting infected internal endpoints sending command and ...

Good day, I'm still learning this product, but I was curious on the Signature Set Update and Component Download(Failure/Success) events. Can someone break down exactly what happens with these events? Thank you,Maurice

Hey all, I've been able to get exclusions done on our physical workstations, but haven't had success with getting Secure Endpoint to exclude certain paths. I've tried blocking the processes by including the path to the executable, I've tried using th...

I have what may seem a like a simple question. I have a Standalone FTD 4110 appliance that is a managed by FMC. I have added a second identical  standalone 4110 to FMC(same software version etc.) . The First FTD is completely configured. If I create ...

Evaluating Cisco AMP, and I would like some community feedback on how you see this product stacking up against Defender ATP etc.IMO: AMP is lacking user logon monitoring. There is no analysis on this part. Failed logons to a server, creation of new a...

My shop utilizes cisco firepower and umbrella. We have to make a decision on an endpoint protection product. Since we’re using the other cisco products would it be best to go with Cisco AMP? The current endpoint product is from another vendor, but wi...

Dear Team, Could you please share CISCO secure Endpoints POV Sample Plan

Hi, want to sum up my experience with deploying Secure Endpoint Windows connector 7.5.1.20813 updates yesterday:Two notebooks with curent CPU displayed "Computer CPU incompatible with Behavioral Protection engine SSSE3 requirement." and stopped updat...

I have a Firepower 8350 that has been giving me and my colleagues a huge headache.The device is unreachable from FTD and I am trying to recover it from an .iso file. Is there a way to run a restore .iso from a Windows FTP server? I was able to get it...