Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1352
Views
25
Helpful
1
Replies

Scan Cisco Endpoint Protection for specific IoCs?

manikqile
Level 1
Level 1

‎03-02-2022 11:28 PM

Is there a simple way to search my org with Cisco Endpoint for a specific IoC?

I can find details on a specific IoC when I search the upper corner, but it doesn't tell me if its ever showed up on my network.

Point me in the right direction if you can. Whitepapers, guides, youtube videos, etc. Anything is welcome. I'm filling in and not sure what the next step is.

https://omegle.onl/ vshare
Labels:
1 Reply 1

Ken Stieers
VIP
VIP

‎03-03-2022 04:47 AM

If its dormant on a box somewhere and hasn't been touched by anything for a while you'll want do an IOC scan

https://www.cisco.com/c/en/us/support/docs/security/advanced-malware-protection-endpoints/118899-technote-malwareprotection-00.html

This is also a classic use case for Cisco Threat Response, but for that to be useful, you need to have gotten started with SecureX (free with your AMP license.
Customers Also Viewed These Support Documents
Top