If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. They continue to innovate in the right way." "I would like to see integration with Cisco Analytics." "The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. We think that Cisco covers all of the security aspects on the market. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints." "We don't have issues. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through." "We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. When I open the dashboard right now, I see a million things and they are not always the things that I need." "In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. "It could be improved in connection with artificial intelligence and IoT." "The GUI needs improvement, it's not good." "They could improve the main dashboard to more clearly show me the things that I want to see. We're able to dig in and really understand how things came to be and where to focus our efforts." It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "Device Trajectory is one of the most valuable features. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious.
It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It allows for research into a threat, and you can chart your progress on how you're resolving it." "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration." "The most valuable feature is signature-based malware detection." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It should protect all kinds of things that might happen on the servers, things that I cannot see." "The Threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great." "It is extensive in terms of providing visibility and insights into threats. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source." "I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. "Among the most valuable features are the exclusions.