Endpoint Security

cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco CyberSecurity

Forum Posts

By reading the FirePOWER documentation and by looking at Cisco Live slides (see uploaded slide), it seems that files are submitted for dynamic analysis by the ASA-SFR directly for dynamic analysis.   Could the files be submitted for dynamic analysis ...

cpaquet by Level 1
  • 3646 Views
  • 6 replies
  • 0 Helpful votes

So I have a user using excel with a macro/script and AMP keeps flagging VBA.ObfDldr.1.Gen How can I whitelist this file so it's not alerting 100x a day. The hash changes when they use the file.   

LoTeK by Level 1
  • 2714 Views
  • 1 replies
  • 0 Helpful votes

Hey all,  Calling all AMP experts - Looking for some help with an issue that has been driving me bananas.  My client has a website in which they open with IE and it loads an activeX addon (which is installed on the computer and has a C++ component to...

Kasim by Level 1
  • 3691 Views
  • 5 replies
  • 0 Helpful votes

Anybody ever have issues uninstalling AMP? I have a handful of computers still with v6.2.5 on them that I have been trying to upgrade to 6.2.9, but the upgrade fails because the 6.2.5 service can't be stopped. Even after a reboot, the service just ca...

tonynray by Level 1
  • 3021 Views
  • 3 replies
  • 0 Helpful votes

I've been scratching my head trying to locate the download .ova for AMP private cloud. I would like follow the guide Installation and Configuration of FireAMP Private Cloud but it references the OVF that I can't find in the Cisco downloads anywhere. ...

Hello, evaluating AMP for Endpoints first configuring policy to Audit, and after that first scan I change computers to group of Protect, check image attached, and my question is, how to apply the actions??  There are files detected that I delete it a...

Hello,  ClamAV a project of Talos by Cisco falsely detected several files of Luminati SDK as a virus, type: Win.Packed.Icloader Yesterday I have submitted the files at https://www.clamav.net/reports/fp and didn't got confirmation email or link to fol...

Hello, We need to archive some events so they're not lost forever after 30 days. I believe Splunk can integrate with the AMP API and can do this but alas we do not have Splunk or any other decent SIEM for that matter. Any bright ideas on how we could...

matty-boy by Level 1
  • 4305 Views
  • 8 replies
  • 0 Helpful votes

I am having a issue to update threat grid  in lab ,  it shows the following error when doing update.  ssh: connect to host appliance-updates.threatgrid.com port 22: No route to host Failure during transfer   Dirty interface is able to ping internet a...