Browse Apps
Integration Documentation
  • Last Updated
    Apr 4, 2024
  • Version
    1.1.0
  • Compatibility
    ThreatQ versions >= 4.25.0

    • Cisco AMP for Endpoints CDF

    ThreatQuotient

    www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html

    Overview

    The Cisco AMP for Endpoints CDF enables a ThreatQ user to ingest events from Cisco AMP for Endpoints.

    The CDF provides the following feed:
    • Cisco AMP for Endpoints Events - ingests events from Cisco AMP for Endpoints.
    The integration ingests the following system objects:
    • Events
      • Event Attributes
    • Indicators
      • Indicator Attributes

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy