Cognitive Intelligence ends support for CWS
Cognitive Intelligence is no longer accessible by using Cisco Cloud Web Security (CWS), since CWS has reached its end-of-life and passed its last date of support.
New anomaly descriptions for threats
Descriptions added for Domain Generated Algorithm (DGA) classifier
Cognitive Intelligence is capable of detecting when a domain in the URL was not human generated, but created by a computer. This automated technique of coming up with a large number of domains is usually employed by attackers and can be flagged as suspicious behaviour. This anomaly can be seen in Alert -> Alert detail -> Anomalies
Descriptions added for communication with examples of bad domains
The following three domains can be accessed from an endpoint monitored by Cognitive Intelligence, in order to verify that the telemetry is being correctly ingested and processed by Cognitive Intelligence. Descriptions have been added to better explain these detections. This anomaly can be seen in Alert -> Alert detail -> Anomalies
Leveraging Cognitive Intelligence
Cognitive Intelligence capabilities are available to Secure Endpoint (Formerly Advanced Malware Protection or AMP for endpoints) customers with a compatible web proxy such as the Secure Web Appliance (Formerly Web Security Appliance) Appliance, and all Secure Networks Analytics (Formerly Stealthwatch Enterprise) customers. Reach out to your account executive to learn how to turbocharge your existing cybersecurity investment with Cognitive.
