Hi, I can't find a proper way to exclude a vulnerability scanner IP from alerts in SCA. One possible way to solve this (I guess) is to add entity groups for source IP and destination subnets. Afterwards select these entity groups in an Internal Conn...
Welcome to the Security Analytics Board!
Please take a look at our Stealthwatch Information Hub and our Stealthwatch Use Cases.Forum Posts
Hi community,We have installed SNA 7.4.2 and there is an existing integration with ISE 3.2.0.542. The TrustSec Analytics and TrustSec Policy Analytics show the SGTs but all cells in the matrix are grayed out (no traffic), even though there is traffic...
One of our customers is looking for an NDR solution, and we have suggested Cisco Stealthwatch (SNA).However, they need some clarity on its capabilities:They are using cisco switches, If an anomaly or suspicious activity is detected on a wired endpoin...
Cisco Secure Analytics (formerly Stealthwatch). It seems that there is an optional feature called "Threat Feed", but if you have a detailed knowledge of what can be done by purchasing this license, it will be helpful.
Cisco Secure Analytics (formerly Stealthwatch). Recently, Command & Control flow was detected, and when I checked the flow details in a hurry, it was detected as an event called "Suspect Long Flow", and when I further examined the related flow, the a...
Single Sign-On (SSO) is now a critical element for modern organizations, effectively balancing seamless user access with strong security. As a leader in Network Detection and Response (NDR), Secure Network Analytics (SNA) offers integration with a ra...
Hi,Is it possible to manually setup the NVM module for Cloud? From the XDR console I just can download the ServiceProfile XML, but not the Bootstrap file. Also, I don't see any reference manual on how to do it. Thanks
Hi, I have try to connect my ASA5555 FTD6.4 on FMC for sent syslog to SAL (On Prem) on SNA in manager only mode. As I research If I use SNA manager to install SAL (On Prem) that didn't required CDO, Is it? I have followed https://www.cisco.com/c/en/u...
Hi there. Can cisco security analytics delete automatically unusable interfaces for exporters in a while?
I'm in the process of configuring SNA Manager and flow collectors and applying the Best practice guide. I've enabled FIPS mode and Common Criteria Encryption libraries on SNA Flow collectors after uploading the correct certs to both SNA Manager and f...
I'm using the SNA APIs with dCloud. When I use the following API "/tenants/{tenantId}/devices" in Postman, I get the error message, "The requested resource could not be found." It should return I'm not able to use any of the APIs within this branch...
anyone know good online resource for Cisco Threat Grid (Secure Malware analytics) training for a novice to start.
Hello, We are facing an issue while registering the Data Store appliance to the Cisco Secure Network Analytics (CSNA) Manager (formerly Stealthwatch), version 7.5.2. During the setup process, the registration fails with the following message: "We co...
Hello! I´m studying the cybersecurity analist course and I´m stuck in the terminal security course due to i cannot download the CSE-LABVM the OVA files from the security station work.Please, can someone help me?
