Cisco AMP for Endpoints Integration Workflows
latest
AMP for Endpoints
1. Getting Started
2. Pivot into AMP for Endpoints
3. Ingesting Events
4. Query Events
5. Response Actions
6. Managed Deployment Techniques
Cisco AMP for Endpoints Integration Workflows
Docs
»
<no title>
Edit on GitHub
AMP for Endpoints
1. Getting Started
1.1. Region Endpoints
1.2. Creating an API Client
1.3. Testing Clients
1.4. Integration Requirements
1.5. Rate Limiting
2. Pivot into AMP for Endpoints
2.1. Pivoting to Search
2.2. Pivoting to Dashboard
2.3. Pivoting to Events
2.4. Pivoting to File Trajectory
2.5. Pivoting to Device Trajectory
3. Ingesting Events
3.1. Streaming API (Preferred)
3.2. Correlating Events
3.3. Grouping Events
4. Query Events
4.1. Trajectory Events
4.2. Detection Events
5. Response Actions
5.1. Simple Custom Detections
5.2. Application Block List
5.3. Move Host to Group
5.4. Isolate Host
5.5. Checking an Endpoint for Vulnerable Software
6. Managed Deployment Techniques
6.1. Deploy Agent
6.2. Check Agent Status
6.3. Get Agent GUID
6.4. Uninstall
6.5. Starting and Stopping Agents
6.6. Troubleshooting