02-06-2023 01:47 AM
Hello,
We are running FMC 7.2, and on the summary dashboard, on the Threats tab, there is a list called "Indication of Compromise by Host" where we can see hosts that have downloaded malware and are CnC connected. It looks like this:
We would like to get an email and/or an SNMP alert whenever this happens, but I cannot find where I can configure this.
I've looked under Policies->Actions->Alerts->Advanced Malware Protection Alerts, but I am not sure these are exactly the same alerts?
Thanks
/Chess