Endpoint Security

Resolved! Secure Endpoint - warn trusted

I am newer to the Secure Endpoint Product and cannot find int he user guide or our current documentation for a warn trusted cert. I am assuming with the amount of software etc that is out there this could be a pretty normal occurrence and to keep an...

Resolved! False positive for log4j ????

Hello,During scan, we found an apache server vulnerable to Java.Exploit.CVE_2021_44228-9914600-2. The culprit file was the "log4j-core-2.16.0-tests.jar"How this is possible? The log4j is supposed to be vulnerable for versions till 2.15.Should I treat...

Cisco ISE 2.2.0.470 no Policy set option

I'm working with ISE in my home lab and I noticed there is no "Policy set" in under policy menu webui. how to enable it?Service Identity Engine, Endpoint Security

Resolved! PYTHON API REST CODE FOR DELETE MAC ADD ENDPOINT FROM ISE 2.7 DB

Hello, sorry for my english. I writed a python api post code for add a mac add to endpoint group (whitelist), but now need another python api rest code for delete a mac add form DB ise directly.. (not from whitelist)..The new code need question it th...

Anyconnect Client Upgrade

Hello! We are looking to upgrade our hostscan image to 4.10 in order to permit connection from machines running the lastest a/v products. We are wondering: Will the clients be instructed to pull down the 4.10 version of Anyconnect after the upgrade...

Secure Endpoint scanning

Does Secure Endpoint scan using IP address or Hostname?

Cisco AMP Endpoint not showing in console frequently

Hey all, I was wondering if I could get some assistance with an issue I'm encountering. I have a few servers setup that have the endpoint installed, but these servers frequently go missing when checking the console. Sometimes a restart helps, but I h...

Scheduled Scan Cancellation notification

Hi All, Is it possible to receive a notification if a scheduled scan gets cancelled? I've checked the Events Dashboard but don't see an Event Type to subscribe to for this sort of notification under Computer Scans (this is for a Full scan of the comp...

Cisco AMP

Evaluating Cisco AMP, and I would like some community feedback on how you see this product stacking up against Defender ATP etc.IMO: AMP is lacking user logon monitoring. There is no analysis on this part. Failed logons to a server, creation of new a...

Finding The Most Recent User In AMP (Secure Endpoint)

I've noticed that you can search by username in AMP and get the devices that the user has logged into (or possibly generated events on). This is also possible in the API. I am wondering if there is any way to do the reverse. Is there any way to find ...

Resolved! Cisco AMP Causes Cisco Webex Teams To Crash Upon Launch

I'm having an issue and need some suggestions. I cannot open Cisco Webex Teams when Cisco AMP is installed. This only happens on two of my machines in the entire fleet. When I remove Cisco AMP I can then launch Cisco Webex Teams without issue. When A...

Endpoint IOC files for CVE-2021-44228 Log4Shell

Anybody have OpenIOC files that are usable with Secure Endpoint, with MD5 checksums for vulnerable Log4j files?The example below is not accepted when uploading "Enpoint IOC" to Cisco Secure Endpointhttps://github.com/mubix/CVE-2021-44228-Log4Shell-Ha...

AMP User Interface shows "Service stopped" when multiple users are logged in via Remote Desktop Services

Hi, I have a FireAMP Connector installed on a server with Remote Desktop Services running. When the first user logs in via RDP the tray agent looks good, green check mark, connected. But when the second user logs in the tray agent displays the error...

Does Cisco Amp scan for rootkits?

My organization has Cisco Amp for endpoint protection. The question we have is whether Amp scans for rootkits? We are also seeing a very high number of executable files show up as potential threats. Does Amp flag all ".exe" files as threats? Excel sp...

TETRA server connection problems

Most of my endpoints have out of date Tetra definitions. Pinging the three common US Tetra servers drops constantly. The EU Tetra servers don't have this problem. Is it safe to use EU servers if my clients are in the US?

Endpoint Security

Forum Posts

Resolved! Secure Endpoint - warn trusted

Resolved! False positive for log4j ????

Cisco ISE 2.2.0.470 no Policy set option

Resolved! PYTHON API REST CODE FOR DELETE MAC ADD ENDPOINT FROM ISE 2.7 DB

Anyconnect Client Upgrade

Secure Endpoint scanning

Cisco AMP Endpoint not showing in console frequently

Scheduled Scan Cancellation notification

Cisco AMP

Finding The Most Recent User In AMP (Secure Endpoint)

Resolved! Cisco AMP Causes Cisco Webex Teams To Crash Upon Launch

Endpoint IOC files for CVE-2021-44228 Log4Shell

AMP User Interface shows "Service stopped" when multiple users are logged in via Remote Desktop Services

Does Cisco Amp scan for rootkits?

TETRA server connection problems

log entries re [ExecHandler.swift@335] ... "hash found in cache!"

Code Integrity determined that a process (\Device\HarddiskVolume3\Wind

Feature Request: Safe Mode Reboot Protection in Cisco Secure Endpoint

Best Practices: Managing Cisco AMP and Windows Defender on Intune Devi

Orbital Execute Powershell Cmdlet for installed modules from PSGallery

Cisco FMC Scheduled Backup Error "Error creating tar archive"

Better Understanding

Anyone experiencing blue screens with Cisco Secure Endpoint 8.4.4?

FTD Backups sent to FTP Server is Failing

Secure Endpoint API PATCH methods