I am new to cisco endpoint and will need some help in creating rolling 3 months analysis for end point positive detectionsand also analysis for false positive detection.Any help and directions will be deeply appriciated.Thanks
John McClane found Safe Mode for Android and iOS. He removed the banking app. He is dedicating himself to his maximum security rack, a long-time dream. Proxies are active on smartphones for now. He needs connectivity today. But his money is under the...
Hi All,
Need to block below exe file path on server. Can anyone help me how can i do this in Cisco secure endpoint console.
c:\program files\uvnc bvba\UltraVNC\winvnc.exe
We're having trouble running Office 365, is there application blocking where files can't be opened, is there any fix or policy enforcement to get it back up and running? Logs: (22455125, +0 ms) Jan 03 14:46:13 [7440]: ERROR: Event::SlowProcessor unab...
Good morning! We're currently facing the challenge of isolating our Linux systems (running Ubuntu and Debian) from the Cisco Secure Endpoint console (formerly known as AMP). Despite our efforts, we haven't been able to find a direct method to achieve...
Hola, Estoy haciendo el curso de ciberseguridad. Todo iba bien hasta que llegué al laboratorio de Seguridad de Terminales - Atacando lo que hacemos - Servicios Empresariales. El laboratorio es "atacar una base de datos MySQL", en el cual se pide el a...
Still running 2008R2 DCs believe it or not and they're running DPS v5.7.1. Does anyone know the URL to download legacy versions of DPS?Thanks in advance.
Last night we started getting GT:JS.Hyena.3.x detections on a number of computers. We are continuing to receive them, over 150 machines so far. Anyone else seeing this?
Hello TALOSSince the retirement of Immunet at the beginning of 2024, has maintenance of Clam AV CVD signature files by Cisco TALOS been impacted? Are the Clam AV community signature sets still being actively maintained by Cisco? Thanks in advance
We have an end user machine that was placed into isolation after a high severity Cloud IOC Event (Cloud IOC: W32.PowershellIEXReplace.ioc) and a low severity Cloud IOC Event (Cloud IOC: W32.PowershellObfuscationAttempt.ioc) was detected. Powershell ...
Hello,
We have some issue with an API used to register endpoint on ISE.
I'm looking for logs, report where I can see Identity Group Endpoint, registration, move and deletion.
Currently, I only find the last/current status.
Hope it's clear, thank you....
Hi, in the last few hours our Secure Endpoint has alerted to hundreds of events associated with "Gen:Variant.Jatommy.3.3433". While the files are being quarantined in most cases, i believe this may be a false positive, is anyone else seeing these ale...
Hello,we've noticed a shift in the development direction of the official Secure Endpoint web interface, which is unfortunately becoming a challenge for us to work with on a daily basis. As a result, we're considering creating our own administration i...
I am creating Deployment Profiles from Secure X in order to push Secure Client (and our modules) to workstations and servers. The deployment profile for workstations works as expected, whether using a Full Installer or Network installer. I am now t...
