Hi, I have a couple of questions:1> In the Script Control section of the policy.xml file there is an option to exclude certain processes or whitelist a folder, however I couldn't find where to configure these settings in the Secure Endpoint console. ...
Endpoint Security
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Endpoint Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AMP for Email
(13) -
AMP for Endpoints
(837) -
AMP for Web
(19) -
Buying Recommendation
(4) -
Cisco Bugs
(1) -
Cisco Cafe
(1) -
Cisco Vulnerability Management
(7) -
Collaboration Endpoints
(1) -
Community Feedback Forum
(1) -
Community Ideas
(1) -
Endpoint Security
(555) -
Event Analysis
(1) -
General
(1) -
Identity Services Engine (ISE)
(2) -
Integrations
(1) -
Meraki Systems Manager
(882) -
NGFW Firewalls
(1) -
NGIPS
(1) -
Orbital Advanced Search
(26) -
Other AMP Topics
(156) -
Other NAC
(1) -
Other Network Security Topics
(1) -
Other Security Topics
(1) -
Policy and Access
(1) -
Prioritization
(1) -
Room Endpoints
(1) -
Secure Endpoint
(1) -
Vulnerability Management
(9) -
Wireless
(1)
- « Previous
- Next »
Forum Posts
I am using pda through cisco wireless. and, apWhile replacing it with 9120, the authentication method was changed to 802.1x. According to the customer, the service has been unstable since the change, and looking at the log of the pda,intermittentlyCo...
Meraki Windows MDM user updated their Windows 10 Enterprise machine to Windows 11 before we could block the ability to do so with a GPO. Now their Windows profile will not sync. Previously the Windows profile and agent were installed correctly per ...
We have a Windows server running on 7.5.3 (Scheduled for upgrade to 8.1.3 shortly). There is a threat detected on the server and it was successfully quarantined. When viewing the details of the event in Event Trajectory, it says on the detected file ...
Resolved! AMP - full scan through SecureX
Hello everyone,I have created multiple workflows to alert on different types of events and now I am looking for a possibility to initiate a full scan via SecureX workflow. I have run through API documentation (https://api-docs.amp.cisco.com/api_resou...
Hi there, We recently isolated an Exchange Server using the AMP Dashboard. However, it appears that the Outlook Web Access (OWA) application that is running from it, was still active and accessible from the internet. Please clarify if AMP Isolation m...
Resolved! AMP for Endpoints Deployment
We have 1500 AMP for Endpoints licenses - I just watched a video on deploying them - from what I saw I would need each pc to go to https://console.amp.sourcefire.com portal page and download these individually. 1 - How would I get a login for the so...
Resolved! infected file originated from
Hello,When investigating a threat detected, is there a way to see how the infected file got on the machine? Is secure endpoint able to track it from a website, email, USB, etc?Thanks
Resolved! Cisco AMP Disposition
Hi everyone,Cisco AMP found different malicious files, I saw 2 different dispositions on Cisco AMP:Disposition: MaliciousDisposition: BlocklistedBoth files quarantined but can someone explain what is the difference between blocklisted and malicious d...
Hi, We are using Cisco for Endpoint (former AMP) on all our windows clients and server and would like to use the feature called "Kenna Risk score" but on all client it says that windows 10 i required, we are using windows 10, win 11, win 2019 server ...
I am currently running a project where we are updating Cisco Secure Endpoint on all over our servers from 7.3.15 to 7.5.5. Since we first deployed what was originally known as Cisco AMP we have experienced 100% CPU issues with a fair amount of our E...
Over the past few weeks, I have been getting quite a few notifications about tmp files getting flagged in Cisco AMP, but the file never gets quarantined. It just says that it failed to quarantine the file because it's already been "deleted, moved, or...
We see a lot of events regarding the solitarie.exe (Solitaire colection) detected as a threat on windows 11.We are able to allow the application un AMP but would like to report this as a false poitive, just to avoid all events. Since i dont have any ...
Hello, I'm deploying the Umbrella module of the Cisco Secure Client 5 in Windows and macOS devices, and I've seen the Auto-Update feature available from the Umbrella Dashboard is not supported by Cisco Secure Client 5 (only for Anyconnect 4.x). I ne...
Resolved! PowerShell detected as Malware
For a long time I received many alerts about the Powershell being indentified as Malware, when a retrospective Malware alert was received making that file as Clean.Common detecion: W32.PowershellEncodedBuffer.iocDid anyone else see this same behavior...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 04-20-2026 08:04 AM | ||
| 04-20-2026 04:37 AM | ||
| 03-26-2026 01:13 AM | ||
| 09-15-2025 11:10 PM | ||
| 08-07-2025 11:30 PM |
New solutions