Cisco Secure Analytics (formerly Stealthwatch). It seems that there is an optional feature called "Threat Feed", but if you have a detailed knowledge of what can be done by purchasing this license, it will be helpful.
Welcome to the Security Analytics Board!
Please take a look at our Stealthwatch Information Hub and our Stealthwatch Use Cases.Forum Posts
Cisco Secure Analytics (formerly Stealthwatch). Recently, Command & Control flow was detected, and when I checked the flow details in a hurry, it was detected as an event called "Suspect Long Flow", and when I further examined the related flow, the a...
Single Sign-On (SSO) is now a critical element for modern organizations, effectively balancing seamless user access with strong security. As a leader in Network Detection and Response (NDR), Secure Network Analytics (SNA) offers integration with a ra...
Hi,Is it possible to manually setup the NVM module for Cloud? From the XDR console I just can download the ServiceProfile XML, but not the Bootstrap file. Also, I don't see any reference manual on how to do it. Thanks
Hi, I have try to connect my ASA5555 FTD6.4 on FMC for sent syslog to SAL (On Prem) on SNA in manager only mode. As I research If I use SNA manager to install SAL (On Prem) that didn't required CDO, Is it? I have followed https://www.cisco.com/c/en/u...
Hi there. Can cisco security analytics delete automatically unusable interfaces for exporters in a while?
I'm in the process of configuring SNA Manager and flow collectors and applying the Best practice guide. I've enabled FIPS mode and Common Criteria Encryption libraries on SNA Flow collectors after uploading the correct certs to both SNA Manager and f...
I'm using the SNA APIs with dCloud. When I use the following API "/tenants/{tenantId}/devices" in Postman, I get the error message, "The requested resource could not be found." It should return I'm not able to use any of the APIs within this branch...
anyone know good online resource for Cisco Threat Grid (Secure Malware analytics) training for a novice to start.
Hello, We are facing an issue while registering the Data Store appliance to the Cisco Secure Network Analytics (CSNA) Manager (formerly Stealthwatch), version 7.5.2. During the setup process, the registration fails with the following message: "We co...
Hello! I´m studying the cybersecurity analist course and I´m stuck in the terminal security course due to i cannot download the CSE-LABVM the OVA files from the security station work.Please, can someone help me?
Hi everyone,Having some .CSE rules when high amount of data Is leaving a internal network. Having alot of false positives related to this. And I'm wondering If It's possible in some way to exclude a specifik "Subject Payload" field?That "Subject Payl...
Hi,Analyzing the TrustSec Policy Analytics report generated by Secure Network Analytics, we can see offending traffic taking place between SGTs that have a deny ip SGACL applied, so in priniciple this traffic is not taking place since it is being enf...
It seems that when the ESA interrupts the e-mail for "borted due to size limit exceeded" on the tracking we see message size : na, we would like to know if it is possible to make it possible to see the size of the e-mail that was aborted?
