ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Firepower NGFW/NGIPS - what capabilities does it provide and how can I integrate it with Threat Response?

591
Views
0
Helpful
0
Comments

With this integration, investigators can see intrusion events from Firepower devices correlated with enrichment from other Cisco Security products, adding greater context and helping the SOC investigate incidents with broader internal visibility.

The Firepower integration also supports Incident Manager, in which investigators can see, manage, and investigate curated high urgency intrusion events in Threat Response. Intrusion events from Firepower are the first data source that populates the Incident Manager (with more coming soon).

To integrate Firepower with Threat Response, you may use the start guide for Firepower and further details on the Firepower Integration FAQs

Learn more about Threat Response here, or check out other FAQs here