I have Cisco AMP MSP console with multiple organizations in it. Some have basic tiers of AMP and some have advanced. When I navigate to one of the consoles with Advanced tier and try using Orbital it asks me to sign in. Then I pick Secure X Sign On....
Hello, Does anybody know what is JS.Heur.Phishing.3.7AB62CB8.Gen Secure endpoint detections? Tried looking here https://talosintelligence.com/secure-endpoint-naming didn't find anything.
According to Cisco Secure Endpoint documentation: "A Simple Custom Detection list is similar to a blocked list. These are files that you want to detect and quarantine. Not only will an entry in a Simple Custom Detection list quarantine future files, ...
SHA-256 e5dccb33478bf13629d0a3f0ba7daceb56d7792e0132886ed129334ec6bb2a33 detected by MAP and convicted as W32.MAP.Ransomware.rwd. Found this post https://quickview.cloudapps.cisco.com/quickview/bug/CSCvq59864, my Connector version is 7.4.1.20439. N...
Cisco Secure Endpoint flags Lsass dump as Cloud IOC. EDR tool did not stop the dump, most likely because Windows native tools were used. I have ticketing in place to alert on the event. Does anybody know how do I blacklist the activity (command line i...
Hello Pinakotal,
Cisco AMP is a great product that I use a lot. It has some great features and can be integrated with Umbrella and Stealthwatch. It does have some limitations, as every EDR tool. You will not be able to isolate MAC device, they are ...