With this integration, investigators can see intrusion events from Firepower devices correlated with enrichment from other Cisco Security products, adding greater context and helping the SOC investigate incidents with broader internal visibility.
The Firepower integration also supports Incident Manager, in which investigators can see, manage, and investigate curated high urgency intrusion events in Threat Response. Intrusion events from Firepower are the first data source that populates the Incident Manager (with more coming soon).
To integrate Firepower with Threat Response, you may use the start guide for Firepower and further details on the Firepower Integration FAQs.
Learn more about Threat Response here, or check out other FAQs here.