About ben.greenbaum

ben.greenbaum · 03-30-2020

Threat Response integrates with Cisco's Web Security Appliance (WSA) to provide visibility into web-bourne threats. By adding a Web Security or SMA Web module to Threat Response, investigators will be able to search for domains, URLs, and file hash...

ben.greenbaum · 12-12-2019

Threat Response integrates with Cisco Stealthwatch Enterprise (SWE) to provide Visibility into network threats. By adding an SWE module to Threat Response, investigators will be able to search for network flows to or from IP addresses that have been...

ben.greenbaum · 11-21-2019

There's a lot of material published about Threat Response, in places like http://cisco.com/go/threatresponse - but something I get asked by users is what can they do, to proactively stay informed and up to date? We are adding new integrations and new...

ben.greenbaum · 11-20-2019

Threat Response integrates with Cisco's Email Security Appliance (ESA) to provide Visibility into email-bourne threats. By adding an Email Security or SMA Email module to Threat Response, investigators will be able to search for email subject lines,...

ben.greenbaum · 10-03-2019

Question How do I configure a SecureX browser plugin? Answer *Updated 2021-01-04 to describe new plugin availability The browser plugins are easily configured. First you need to generate an "API Client" in SecureX. An API Client is essentially a...

ben.greenbaum · 06-12-2023

Do you have confirmation from the device that it has sent (or attempted to send) samples to the appliance?

ben.greenbaum · 04-12-2023

How to implement a custom SecureX integration is dependent on what you want the integration to achieve. - If you want Defender and Sentinel to forward incidents into SecureX for handling, you will need those technologies to make calls to the SecureX ...

ben.greenbaum · 09-26-2022

Thank you very much for the followup, and I'm glad to read that it got resolved!

ben.greenbaum · 08-03-2022

If you are seeing events in SSE your FMC is connected to SecureX.What you still need to do is connect SecureX to your FMC.... What happens when you click the "Enable SecureX" button?

ben.greenbaum · 08-01-2022

Hi Mostafa,Yes, there has to be some code that will use those API credentials and the Malware Analysis API to submit samples or retrieve intelligence. Examples of scripts that do so can be found here: https://github.com/CiscoSecurity?q=tg-For Palo Al...

Member Since	‎05-03-2017 12:18 PM
Date Last Visited	‎08-16-2023 12:09 AM
Posts	40
Total Helpful Votes Received	155

User Statistics

User Activity

Web Security - what capabilities does it provide and how can I integrate it with Threat Response?

Stealthwatch Enterprise - what capabilities does it provide and how can I integrate it with Threat Response?

How can I stay up to date on developments with Cisco Threat Response?

Email Security - what capabilities does it provide and how can I integrate it with Threat Response?

How do I configure the SecureX browser plugin?

Re: Cisco Threat Grid sample issue

Re: How does one add non-standard integrations to SecureX?

Re: Is my FMC integrated with SecureX?

Re: Is my FMC integrated with SecureX?

Re: Threat Grid Integration with Palo Alto