Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About neipatel
11-14-2018
Stats
Member since
05-09-2014
23
Posts
55
Helpful
3
Solutions
Created by
neipatel
in Advanced Threats
in Advanced Threats
11-07-2018
12:37 PM
11-07-2018
12:37 PM
Mathias,
The comparative report talks a little bit more about the evasions, but not specifics. You would need to reach out directly to NSS for details on the evasions that were utilized.
-Neil
... View more
Created by
neipatel
in Advanced Threats
in Advanced Threats
11-07-2018
11:18 AM
11-07-2018
11:18 AM
To get into the security space the best place to start is with trainings. A few places to get started:
The SANS Institute
SANS hosts the largest repository of information security trainings, resources, and documents, making it the industry leader in trainings for Cybersecurity.
As part of a partnership with the SANS institute, we will be running a webcast talking about Endpoint security.
The SANS webcast is on Dec 5 register for free! https://www.sans.org/webcasts/109495.
Cisco Learning Network
Cisco offers career path trainings for Cybersecurity as part of its learning network check them out @ https://learningnetwork.cisco.com/community/it_careers/cybersecurity-training-and-certifications
I recommend you take some time to go through both Cisco Learning Network and SANS content as a start to your journey!
Good Luck!
-Neil
... View more
Created by
neipatel
in Advanced Threats
in Advanced Threats
11-05-2018
02:55 PM
11-05-2018
02:55 PM
Mathias,
Thank you very much for the question!
NSS AEP determined evasions based on blocking the threat within a time window. Beyond that time window AMP For Endpoints did detect all the threats. For these cases beyond initial block, AMP for Endpoints calls on patented retrospective security to find new threats that have bypassed other mechanisms. AMP continuously monitors files and vulnerable processes. If a file exhibits malicious behavior, AMP provides a full scope of the threat, quarantines the file and shares threat intelligence across the network, endpoint and cloud.
In addition, since the NSS AEP testing, AMP has released some newer innovations such as Malicious Activity Protection to help better protect endpoints. Learn a little more @ https://blogs.cisco.com/security/secure-your-endpoints-against-ransomware-introducing-malicious-activity-protection.
Thanks!
-Neil
... View more
03-19-2018
08:44 AM
Pull the code down again from the github, it can handle multiple events enter them in the parameters.json as you see in the readme (as an array). And make sure the value for "id_or_name" is equal to "id".
... View more
03-19-2018
07:42 AM
ericl42,
Check out the code @ https://github.com/QuiLoxx/ATS-APIs/tree/master/amp4e/neipatel_event-stream
That is a functional example which dumps event data do the screen from AMP for endpoints, that may be a start and instead of dumping to the screen it could be adapted to push via syslog.
... View more
Created by
neipatel
in Security Documents
in Security Documents
07-15-2014
11:38 AM
07-15-2014
11:38 AM
As part of Cisco’s commitment to continuously improving the quality of our Security as-a-Service offerings, we are making significant improvements to the infrastructure that delivers our Cisco Cloud Web Security (formerly ScanSafe) service. These infrastructure improvements will introduce a dramatic increase in capacity to the datacenters that provide our customer service, improving our quality of service during busy times. These infrastructure improvements will be introduced to our cloud without causing interruption to your service availability. Migration to this new infrastructure is happening in waves, as the new datacenters become available. In order to take advantage of the infrastructure improvements, minor configuration changes must be made to the products being used (ISR, ASA, WSA, others) to connect to the service. AnyConnect customers will not be required to make any configuration changes. A step by step guide for migration to the Next Generation Towers for each connection method, as well as a list of FAQs can be found on cisco.com below: http://www.cisco.com/c/en/us/support/docs/security/cloud-web-security/118478-technote-cws-00.html
... View more
Labels:
Created by
neipatel
in Advanced Threats
11-07-2018
11-07-2018
Mathias, The comparative report talks a little bit more about the
evasions, but not specifics. You w...
Created by
neipatel
in Advanced Threats
11-07-2018
11-07-2018
To get into the security space the best place to start is with
trainings. A few places to get starte...
Created by
neipatel
in Advanced Threats
11-05-2018
11-05-2018
Mathias, Thank you very much for the question! NSS AEP determined
evasions based on blocking the thr...
05-08-2018
That is correct, everything in the API is referenced by a unique GUID.
When creating a new host the ...
03-19-2018
Pull the code down again from the github, it can handle multiple events
enter them in the parameters...
03-19-2018
ericl42, Check out the code @
https://github.com/QuiLoxx/ATS-APIs/tree/master/amp4e/neipatel_event-s...
08-16-2017
I have attached an example to this with the last section of the access
rule showing the newComment f...
06-16-2017
tmagill_sig, Yes, upgrade to 6.2 would be needed for the subinterface
CRUD on the APIs. Regards, Nei...
06-16-2017
tmagill_sig, The URL you are using looks good. You may be on a version
of FMC that does not support ...
06-16-2017
tmagill_sig, For getting the details about the subinterfaces you are
using the GET method. To enable...
05-19-2017
nwilu0001, It is not possible to export the SNORT signature contents for
a specific IPS rule with th...
05-10-2017
enidbeats, Have you tried using the "Youtube" application filter rather
than a URL object (which I a...
05-03-2017
josemaria.perez, Have you tried using basic authorization rather than
directly adding the fields to ...
Public Statistics
| Date Registered | 05-09-2014 06:49 AM |
| Date Last Visited | 11-14-2018 11:29 AM |
| Total Messages Posted | 23 |
| Total Helpful Votes Received | 55 |
Helpful Votes From
