cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
81
Views
1
Helpful
0
Comments
zsoulios
Cisco Employee
Cisco Employee

Secure Endpoint continuously monitors every file entering your network, ensuring that any file exhibiting malicious behavior can be quickly identified, contained, and remediated to minimize potential damage.

In Cisco Secure Endpoint, both Device Trajectory and File Trajectory are powerful analysis tools used in investigations to enhance IT security and business operations.

The Device Trajectory feature in Cisco Secure Endpoint provides visibility into the events that occurred on a device, particularly when an Exploit Prevention event is triggered. It allows you to trace the sequence of events and identify the processes involved, helping to determine if a process or application is trusted or known within your environment. This feature is crucial for understanding the context of security events and making informed decisions about potential threats.

The File Trajectory feature in Cisco Secure Endpoint provides insights into the movement and handling of files within your network. It allows you to track when and where a file was first seen, the processes related to it, and its network connections. This feature is crucial for understanding the lifecycle of a file, especially in threat hunting scenarios, as it helps identify unauthorized or malicious file activities and supports actions like adding the file's SHA256 to an allow or block list.

 

In the video, you will also find a short demo that provides a practical demonstration of the features discussed.

 

Explore more on:

 

  • Secure Endpoint Resources:

Cisco Secure Endpoint Resources - Cisco

  • Secure Endpoint Best Practices Guide

https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/secure-endpoint-og.html

Thank you!

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: