Item logo image for Cisco Threat Response Casebook (beta)

Cisco Threat Response Casebook (beta)

4.7(

53 ratings

)
ExtensionWorkflow & Planning2,000 users
Item media 1 screenshot

Overview

Casebook and Investigation Widgets

Once installed, please visit your region's Threat Response API Clients page to create Casebook client credentials. In order for the casebook extension to function, you must select ALL SCOPES when adding your new API Client. - NAM: https://visibility.amp.cisco.com/#/settings/oauth - EU: https://visibility.eu.amp.cisco.com/#/settings/oauth - APJC: https://visibility.apjc.amp.cisco.com/#/settings/oauth The Cisco Threat Response Casebook is a powerful and convenient tool provided by Threat Response for saving, sharing, and enriching your threat analysis. Use cases for tracking notes and other bits and pieces of information as you follow leads in Threat Response. You can add observables and notes as you pursue your quarry. Along with the Casebook, you'll be able to find and inspect observables through the browser's context menu. Select text on a page, or select a single observable, open the context menu and choose the Cisco Threat Response menu option. The selection will be inspected for observables and you'll be presented with information and actions to help with your investigations. You can also launch an investigation on a single observable quickly by typing "ctr [space]" in the URL bar then typing or pasting an observable.

4.7 out of 553 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Maul “Roc”Jan 30, 2020

Awesome tool! Easy to use. Makes grabbing IoCs a painless task.

Review's profile picture

Jose Antonio GalindoNov 27, 2019

It is great colaborate with this tool to share knowledge and observable cases.

Review's profile picture

Alejandro PinedaNov 14, 2019

It is good add on, and really help to improve the security of your browser.

Details

  • Version
    0.9.6
  • Updated
    October 1, 2020
  • Offered by
    Cisco XDR
  • Size
    383KiB
  • Languages
    English (United States)
  • Developer
    Threat, Detection and Response
    11501 Burnet Rd Building 906, Floor 3 Austin, TX 78758 US
    Email
    roberha2@cisco.com
  • Trader
    This developer has identified itself as a trader per the definition from the European Union.

Privacy

The developer has not provided any information about the collection or usage of your data. To learn more, see the developer’s privacy policy.
Google apps