01-12-2018 11:01 AM - edited 02-20-2020 09:05 PM
Hi
We are looking at ESA AMP\Threatgrid. Can the files that are uploaded to threatgrid for further analysis be deleted? If so, how would that be done exactly?
thanks
01-12-2018 12:24 PM
Hi Louis, I assume you're referring to Threat Grid Cloud. Yes, files can be deleted through Threat Grid Portal by the org admin, this is one of the features in the portal. If the customer doesn't have entitlements/licensing to access the portal, a support ticket can be open to remove a file.
01-15-2018 04:05 AM
Hi Evegeny,
Thank you for that information, would you know if we can programmatically do these deletions via an api call or something like that? If so, is there documentation available? i havent had any luck in finding it so far.
thank you,
01-16-2018 02:43 AM
Hi Louis,
Delete sample is available through the Web UI today. I assume the question is about files submitted automatically by integrations (ESA, CES, WSA, FTD, Meraki, ...) - in this case, all the files are marked as private, meaning only the organization that submitted a sample can see it. This is well documented in the Threat Grid help, though requires a Threat Grid Portal account at panacea.threatgrid.com (eu). Alternative consideration, if there's a strict privacy concern, would be an on-prem Threat Grid appliance.
06-27-2018 03:19 AM
Thank you Evgeny
07-05-2018 04:50 AM
Thanks a lot
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: