Once you have access to Threat Response, check out the in product step by step guide for your first investigation. Learn more about Threat Response here, or check out other FAQs here. 

If you are just starting with Threat Response for the first time, use our quick start guides for Umbrella, Email Security, or Firepower. You can also check out our module configuration videos on YouTube and the in-product configuration details. Lear...

If you own AMP for Endpoints, you can manage users within the AMP dashboard. If you have other Cisco products, you can manage users at https://castle.amp.cisco.com/my/users. Learn more about Threat Response here, or check out other FAQs here. 

Threat Response is free with selected Cisco Security products. To get access, simply go to the login page for your region -  NA, EU, or APJC - and either log in or click to create an account. You can also watch this 1 min video on creating an accoun...

Threat Response is not a SIEM, but it can work alongside a SIEM to speed up investigations. For instance, via the browser plugins, Threat Response provides additional response capabilities directly from within the web-based interfaces of a SIEM. Lea...