Working with a customer who is using FireEYE and now SourceFIRE to complement that solution. When looking at Intrusion events there is an option to "review" them. What i need to know is once i "review" an intrusion event how do i know when I actually did it. Can i run a report that shows me when i reviewed intrusion events? the only columns i see available are "reviewed by". I see in the audit log you can see that an intrusion event was reviewed but it does not give specific detail on which event was reviewed. there is a small disconnect there.
FireEYE's intrusion event summary page shows the event, and when the events were acknowledged. The customer is looking for something similar.
Learn about the rapidly evolving cyberthreat landscape and how both organizations and users can protect themselves as we transition to a forever hybrid world through a conversation with Cisco Talos Security Research Leader for Europe, Middle East, Africa,...
When we said the word “hybrid” in the past, it usually recalled the image of a new variety of plant or maybe an electric car. These days, it applies to the workplace too.
The future of work isn’t “changing” to a h...
Thanks for attending our Ask the Experts (ATXs) session! Here’s the post-session resources for easy reference.
New to ATXs? An ATXs session, offered at no cost, is an hour of real-time learning led by Cisco experts, who will answer your technology q...
Cisco Secure Endpoint
New packages fit for every organization
Every Cisco Secure Endpoint (formerly AMP for Endpoints) package comes with Cisco SecureX built-in. It’s our cloud-native platform that integrates all your security solutions into one view wit...