Endpoint Security

Hello!  We are looking to upgrade our hostscan image to 4.10 in order to permit connection from machines running the lastest a/v products.  We are wondering: Will the clients be instructed to pull down the 4.10 version of Anyconnect after the upgrade...

Does Secure Endpoint scan using IP address or Hostname?

Hey all, I was wondering if I could get some assistance with an issue I'm encountering. I have a few servers setup that have the endpoint installed, but these servers frequently go missing when checking the console. Sometimes a restart helps, but I h...

Hi All, Is it possible to receive a notification if a scheduled scan gets cancelled? I've checked the Events Dashboard but don't see an Event Type to subscribe to for this sort of notification under Computer Scans (this is for a Full scan of the comp...

Evaluating Cisco AMP, and I would like some community feedback on how you see this product stacking up against Defender ATP etc.IMO: AMP is lacking user logon monitoring. There is no analysis on this part. Failed logons to a server, creation of new a...

I've noticed that you can search by username in AMP and get the devices that the user has logged into (or possibly generated events on). This is also possible in the API. I am wondering if there is any way to do the reverse. Is there any way to find ...

Anybody have OpenIOC files that are usable with Secure Endpoint, with MD5 checksums for vulnerable Log4j files?The example below is not accepted when uploading "Enpoint IOC" to Cisco Secure Endpointhttps://github.com/mubix/CVE-2021-44228-Log4Shell-Ha...

Hi, I have a FireAMP Connector installed on a server with Remote Desktop Services running. When the first user logs in via RDP the tray agent looks good, green check mark, connected. But when the second user logs in the tray agent displays the error...

My organization has Cisco Amp for endpoint protection. The question we have is whether Amp scans for rootkits? We are also seeing a very high number of executable files show up as potential threats. Does Amp flag all ".exe" files as threats? Excel sp...

Most of my endpoints have out of date Tetra definitions. Pinging the three common US Tetra servers drops constantly. The EU Tetra servers don't have this problem. Is it safe to use EU servers if my clients are in the US?

Hello, I have a machine that has been isolated by Cisco Secure Endpoint (AMP) and I'm trying to better understand the event (as I can't seem to find a suitable explanation). Here are some details: ...File signed by Roblox Corporation with certificate...

where to i look to find my account manager in the state of minnesota for MFA?

I am attempting to retrieve an events report from the Endpoint Security console.I apply an events filter, then select 'download to csv'there is a pop-up from the console stating an email will be sent to me with a link to download the report.The email...