Endpoint Security

cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Forum Posts

AMP - False Positive

So I have a user using excel with a macro/script and AMP keeps flagging VBA.ObfDldr.1.Gen How can I whitelist this file so it's not alerting 100x a day. The hash changes when they use the file.   

LoTeK by Beginner
  • 2209 Views
  • 1 replies
  • 0 Helpful votes

Cisco AMP for Endpoints & IE ActiveX addon

Hey all,  Calling all AMP experts - Looking for some help with an issue that has been driving me bananas.  My client has a website in which they open with IE and it loads an activeX addon (which is installed on the computer and has a C++ component to...

Kasim by Beginner
  • 2717 Views
  • 5 replies
  • 0 Helpful votes

Uninstall Issue

Anybody ever have issues uninstalling AMP? I have a handful of computers still with v6.2.5 on them that I have been trying to upgrade to 6.2.9, but the upgrade fails because the 6.2.5 service can't be stopped. Even after a reboot, the service just ca...

tonynray by Beginner
  • 2078 Views
  • 3 replies
  • 0 Helpful votes

Resolved! AMP Private Cloud Download

I've been scratching my head trying to locate the download .ova for AMP private cloud. I would like follow the guide Installation and Configuration of FireAMP Private Cloud but it references the OVF that I can't find in the Cisco downloads anywhere. ...

AMP -

Hello, evaluating AMP for Endpoints first configuring policy to Audit, and after that first scan I change computers to group of Protect, check image attached, and my question is, how to apply the actions??  There are files detected that I delete it a...

False-positive of lum-sdk

Hello,  ClamAV a project of Talos by Cisco falsely detected several files of Luminati SDK as a virus, type: Win.Packed.Icloader Yesterday I have submitted the files at https://www.clamav.net/reports/fp and didn't got confirmation email or link to fol...

AMP: Archiving Events

Hello, We need to archive some events so they're not lost forever after 30 days. I believe Splunk can integrate with the AMP API and can do this but alas we do not have Splunk or any other decent SIEM for that matter. Any bright ideas on how we could...

matty-boy by Beginner
  • 3414 Views
  • 8 replies
  • 0 Helpful votes

Threat grid update failure

I am having a issue to update threat grid  in lab ,  it shows the following error when doing update.  ssh: connect to host appliance-updates.threatgrid.com port 22: No route to host Failure during transfer   Dirty interface is able to ping internet a...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers