Cisco AMP for Endpoints Operation

Overview

This operation allows a ThreatQ user to execute 2 actions on their Cisco AMP for Endpoints instance. The first action allows users to submit a SHA-256 hash from ThreatQ to a Cisco AMP for Endpoints application block list. The second action allows users to query their Cisco AMP for Endpoints events for any hits on a specific SHA-256 hash.

What's New

Version: 1.0.0

Download