Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We output Secure Endpoint events to our SIEM. I am seeing Cloud IOC events in the SIEM, however, upon review of the endpoint in Secure Endpoint, the IOC indicators are displayed. This appears to be true of low-criticality events. Also, when I at...
I am experiencing some issues where machine names are changing, and I am getting incorrect reporting. I found Cisco Article updated June 28, 2022 Titled : Cisco Secure Endpoint Guide to Identity Persistence Updated: June 28, 2022, Document ID:21755...
What is the proper method of applying a custom exception to just a group of computers within a policy?is there a way to do this without having to clone a policy? that seems to defeat having groups.
I am attempting to retrieve an events report from the Endpoint Security console.I apply an events filter, then select 'download to csv'there is a pop-up from the console stating an email will be sent to me with a link to download the report.The email...
tHow does Threat Grid operate once an organization exceeds its submission rate limits? Does it ignore / no longer inspect files at that point until the 24 hour rolling window resets?
Thank you. We checked with Cisco and indeed disabling MAP (not placing in audit, but disabling) worked and in fact MAP is not recommended by Cisco for server deployments.
