Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
Paladin
Level 1
Level 1
Member since ‎08-24-2021
‎07-20-2022
Recent Badges
Awards

User Statistics

  • 8 Posts
  • 0 Solutions
  • 15 Helpful votes Given
  • 5 Helpful votes Received
Recent Badges
See all
1 Helpful Vote
FirstQuestion

User Activity

Orbital endpoints not populating

05-13-2022
I have Cisco AMP MSP console with multiple organizations in it. Some have basic tiers of AMP and some have advanced. When I navigate to one of the consoles with Advanced tier and try using Orbital it askes me to sign in. Then I pick Secure X Sign On....

JS.Heur.Phishing.3.7AB62CB8.Gen

04-15-2022
Hello, Does anybody know what is  JS.Heur.Phishing.3.7AB62CB8.Gen Secure endpoint detections?   Tried looking here https://talosintelligence.com/secure-endpoint-namingdidn't find anything. 

AMP for Endpoints Simple Custom Detection quarantine event missing

09-30-2021
According to Cisco Secure Endpoint documentation:” A Simple Custom Detection list is similar to a blocked list. These are files that you want to detect and quarantine. Not only will an entry in a Simple Custom Detection list quarantine future files, ...

W32.MAP.Ransomware.rwd.

09-03-2021
Sha 256 e5dccb33478bf13629d0a3f0ba7daceb56d7792e0132886ed129334ec6bb2a33 detected by MAP and convicted as  W32.MAP.Ransomware.rwd.  Found this post https://quickview.cloudapps.cisco.com/quickview/bug/CSCvq59864, my Connector version is 7.4.1.20439. N...

Preventing Lsass Dump with Cisco Secure Endpoint

08-24-2021
Cisco Secure Endpoint flags Lsass dump as Cloud IOC. EDR tool did not stop the dump, most likely because Windows native tools were used. I have ticketing in place to alert on the event. Does anybody know how do I blacklist the activity(command line i...
Community Statistics
Member Since ‎08-24-2021 02:53 PM
Date Last Visited ‎07-20-2022 12:01 AM
Posts 8
Total Helpful Votes Received 5
Helpful Votes From
See all >
Helpful Votes Given To
See all >