• Last Updated
    Apr 4, 2024
  • Version
    1.1.0
  • Compatibility
    ThreatQ versions >= 4.25.0
  • Cisco AMP for Endpoints CDF

    Overview

    The Cisco AMP for Endpoints CDF enables a ThreatQ user to ingest events from Cisco AMP for Endpoints.

    The CDF provides the following feed:
    • Cisco AMP for Endpoints Events - ingests events from Cisco AMP for Endpoints.
    The integration ingests the following system objects:
    • Events
      • Event Attributes
    • Indicators
      • Indicator Attributes

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy