Cisco Threat Response Casebook (beta)
53 ratings
)Overview
Casebook and Investigation Widgets
Once installed, please visit your region's Threat Response API Clients page to create Casebook client credentials. In order for the casebook extension to function, you must select ALL SCOPES when adding your new API Client. - NAM: https://visibility.amp.cisco.com/#/settings/oauth - EU: https://visibility.eu.amp.cisco.com/#/settings/oauth - APJC: https://visibility.apjc.amp.cisco.com/#/settings/oauth The Cisco Threat Response Casebook is a powerful and convenient tool provided by Threat Response for saving, sharing, and enriching your threat analysis. Use cases for tracking notes and other bits and pieces of information as you follow leads in Threat Response. You can add observables and notes as you pursue your quarry. Along with the Casebook, you'll be able to find and inspect observables through the browser's context menu. Select text on a page, or select a single observable, open the context menu and choose the Cisco Threat Response menu option. The selection will be inspected for observables and you'll be presented with information and actions to help with your investigations. You can also launch an investigation on a single observable quickly by typing "ctr [space]" in the URL bar then typing or pasting an observable.
4.7 out of 553 ratings
Google doesn't verify reviews. Learn more about results and reviews.
Details
- Version0.9.6
- UpdatedOctober 1, 2020
- Offered byCisco XDR
- Size383KiB
- LanguagesEnglish (United States)
- DeveloperThreat, Detection and Response
11501 Burnet Rd Building 906, Floor 3 Austin, TX 78758 USEmail
roberha2@cisco.com - TraderThis developer has identified itself as a trader per the definition from the European Union.