Endpoint Security

Hi Everyone,We wanna Implent Posture assessment in LAN. With temporal Agent everything works fine. But when we wan to client Use anyconnect Posture module, Client provisioning portal shows an error "An error occurred. Contact the helpdesk for assista...

Hi,In response to a security incident, I would like to query one group of endpoints in AMP (Secure Endpoint) for network connections to a specific IP address. How can I do that in Orbital?Thanks for your time.Have a great day.T

On 6/28 and 6/29 I received a large uptick in old PDF docs getting quarantined as PDF.Spam.Heur5.  In all cases, these pdf files have been on these workstations for two or more years.  Anyone else seeing this?  False positives, or better late than ne...

Hi,    I have seen this ISE reference for guest authentication & ISE: https://community.cisco.com/t5/security-documents/ise-guest-access-deployment-guide/ta-p/3640475 , but i am still unsure if wired guest users can be redirected to a Sponsor Captive...

Hi, I have a number of files on Windows 10 that are showing as clean   One is svchost.exe   SHA256 5d00bbeb147e0c838a622fc42c543b2913d57eaca4e69d9a37ed61e98c819347 It is reporting as clean.   However, the product name is Microsoft in Russian, which i...

Which tool can manage Windows Patch Management Check/Remediation with non administrator-level users during network access e.g. VPN? (I am using Cisco AnyConnect)   At the current guide... Cisco AnyConnect Secure Mobility Client Administrator Guide, R...

if I have amp installed on some workstations and protected by password, but unfortioanloity I don't have access to management counsel and passwords are forgotten , how can I remove it 

Zero Day Exploit of Microsoft Support Diagnostic Tool Detection. What components of Cisco Secure Endpoint will detect and block this vulnerability? https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-to...

Hello, I have a rather interesting issue that I am having trouble figuring out. AMP scans have returned 3 separate endpoints now with the same malicious phishing pdf that is seemingly located in someone's user profile. Normally this would be fine, be...

Hi community! We have a few Surface tablets that need Windows Early Launch Antimalware Protection temporarily off in order to boot. https://docs.microsoft.com/en-us/windows-hardware/drivers/install/early-launch-antimalware Alternatively we can remove...

I am very new to this Cisco product, and am currently going through some vendor security questions, and one of the questions is if our end user security will generate a log in the case of a failure to write a separate log. This might be a very simple...

Early on 5\21\2022, Cisco Endpoint Protection trapped this event:  'detected a Cloud IOC: Executed Malware IOC'. It was classed as 'AMADEY' Malware.  Because it was classified as a HIGH threat, and we have automated actions enabled, the affected comp...

Hello! I'm looking for a bug listing for AMP. Specifically, where new bugs are acknowledged to exist by Cisco. The most recent example of the IOC for chrome.exe is an example. I did receive an email, but I'm searching for where this bug is listed alo...

Lastnight I received many alerts about the Chrome update being indentified as Malware, until around 10PM EST, when a retrospective Malware alert was received making that file as Clean.Did anyone else see this same behavior?

I have this warning from Cisco AMP and I don't know how to solve it. Could anyone please help me in this? chrome.exe has been detected as W32. Trojan.NM.Quarantine was successful.