Hi All, I have 2 devices and I would like to create an alert on Stealthwatch when there is another communication except between those 2 devices. Let's say Device A and Device B should communicate and if Device A tries to communicate with Device C I would...
Hello everyone, I'm looking for a way to exclude a specific application (or a port) from an alarm or from the security event itself. The reason is the "Windows Update Delivery" function causing Addr_Scan events resulting in Recon alarms. I would like to...
I see that the Stealthwatch SMC GUI (7.2) supports MFA via Radius - but looking at ways to limit access to other components such as the CLI on the SMC, as well as the CLI or GUI on the Flow Collectors or Flow Sensors? Does Stealthwatch support the co...
We have an instance of a VFTD firewall on our infrastructure and we would like to monitor its sessions that are coming to our network via SNMP but we couldn't find any OIDs related to that.
Hi, One of our customers has purchased VM editions of SMC, FC and FS appliances and 25000 flows licenses. We found that we have different models of VM appliances like SMCVE, SMC2000VE and FCVE, FCVE2000. I found that these specs are based on the host c...
FireEye experienced a breach. Their APT toolkit was stolen. FireEye is sharing indicators of compromise and countermeasures on GitHub. How can I use Stealthwatch Cloud to detect those IOCs? https://github.com/fireeye/red_team_tool_countermeasures
Dear Community, We're looking for a solution to access Cognitive Threat Analytics (Stealthwatch Data) from another browser than the browser used for Cisco Stealthwatch. Do you have similar situations and maybe a solution for access CTA without th...
December 2: Central Log Management using Cisco Security Analytics and Logging
8am-9:30am PT
Cisco Security Analytics and Logging is Cisco’s Central Log Management solution for Network Operations and Security Outcomes. It is delivered both as a cloud ...
I'm trying to resolve an issue related to a Configuration failure for SMC. What are the possible solutions for the issue below? {"successful":false,"details":"exit code: 1ElementIDs without results: aide, auditLogDestination, configBackup, dns, dnsCache,...
November 18: Multicloud security posture and threat management with Stealthwatch Cloud
8am-9:30am PT
Cisco Stealthwatch Cloud provides visibility, compliance, threat detection and investigation capabilities across on-premises and cloud environments. ...
Hi Team, Is there any document that can help to understand how Cisco Stealthwatch integrates with ThreatConnect (SOAR solution - now a part of RSA)? Regards, Rajesh
Good Day, I recently enabled syslogs from a Bluecoat proxy into Stealthwatch. I can see some URL data for users so on the surface it does seem good. I did notice in the log file though some errors. FC01:~# tail -f /lancope/var/sw-flow-proxyparser/logs/s...
Things appeared to go sideways yesterday (02/10) with regard to the data in the SLIC feed - as we received 40+ alerts of C&C activity as users were browsing to www.google.com - the destination IPs were what is expected for Google. The destination C&C ...
Hi Team, I have installed Host Classifier application v1.0.13 on SMC v7.0.3, but it is not populating any data on App dashboard as it could not find pre-defined host groups. Does this app need manual creation of host groups? Thanks.