Hi, I'm stuck trying to integrate Umbrella into XDR. I followed the XDR guide, created a new API, set the required scope, and created an enforcement API. I've entered all the necessary information, but I keep getting an error message.
Hi,
I can't find a proper way to exclude a vulnerability scanner IP from alerts in SCA.
One possible way to solve this (I guess) is to add entity groups for source IP and destination subnets. Afterwards select these entity groups in an Internal Conn...
Hello,
When integrating Cisco Secure Cloud Analytics into Cisco XDR, I came across the following obstacles.
1. In the overview of XDR integrations of other services, SCA is always followed by +Enable. Even after performing the integration, this view ...
Hi,
I am looking for an option to remove the default and manually set values so that the values of my rules are applied.
Or is there a bug that prevents rules from overwriting previously set values?
Thanks in advance!
Perhaps I am misinterpreting the rules. As I understand the rule, I have to enter the targets here. That is correct, isn't it?
If I now enter 0.0.0.0/0 or only the private addresses, I will no longer detect scans from potential attackers because I ha...
Thank you for your reply.
As I understand IP Scanner rules, I have to enter each destination address into this rule. This is pretty unhandy as there are several targets and possible changes of IPs. Is it therefore possible to allow the source addre...
We are facing the same challenge of identifying whether this is a false positive or whether it really is something that needs to be looked at more closely.
C:\Users\****\AppData\Roaming\Zoom\6.4.6.64360\Zoom.msi is moved to quarantine.
detected ...