This operation allows a ThreatQ user to execute 2 actions on their Cisco AMP for Endpoints instance. The first action allows users to submit a SHA-256 hash from ThreatQ to a Cisco AMP for Endpoints application block list. The second action allows users to query their Cisco AMP for Endpoints events for any hits on a specific SHA-256 hash.