Threat Response integrates with Cisco's Web Security Appliance (WSA) to provide visibility into web-borne threats. By adding a Web Security or SMA Web module to Threat Response, investigators will be able to search for domains, URLs, and file hash...
Threat Response integrates with Cisco Stealthwatch Enterprise (SWE) to provide Visibility into network threats. By adding an SWE module to Threat Response, investigators will be able to search for network flows to or from IP addresses that have been...
There's a lot of material published about Threat Response, in places like http://cisco.com/go/threatresponse - but something I get asked by users is what can they do, to proactively stay informed and up to date? We are adding new integrations and new...
Threat Response integrates with Cisco's Email Security Appliance (ESA) to provide Visibility into email-borne threats. By adding an Email Security or SMA Email module to Threat Response, investigators will be able to search for email subject lines,...
Question
How do I configure a SecureX browser plugin?
Answer
*Updated 2021-01-04 to describe new plugin availability
The browser plugins are easily configured.
First you need to generate an "API Client" in SecureX. An API Client is essentially a...
Hi Rekha, While it's possible to use the Global Intel API to fetch judgements, it may not be the best approach, as it leaves out all of your other XDR modules. Is there a specific reason that you only want results from that source? The better, more co...
Hi Aash,
> 1. How can I build integrations within the Cisco XDR platform? I’ve noticed many third-party integrations, such as CrowdStrike, ServiceNow, and Slack. Are these integrations developed and managed by the Cisco XDR team, or can individual d...
How to implement a custom SecureX integration is dependent on what you want the integration to achieve. - If you want Defender and Sentinel to forward incidents into SecureX for handling, you will need those technologies to make calls to the SecureX ...