Cisco Threat Response Casebook (beta)
Item media 1 screenshot

Overview

Casebook and Investigation Widgets

Once installed, please visit your region's Threat Response API Clients page to create Casebook client credentials. In order for the casebook extension to function, you must select ALL SCOPES when adding your new API Client. - NAM: https://visibility.amp.cisco.com/#/settings/oauth - EU: https://visibility.eu.amp.cisco.com/#/settings/oauth - APJC: https://visibility.apjc.amp.cisco.com/#/settings/oauth The Cisco Threat Response Casebook is a powerful and convenient tool provided by Threat Response for saving, sharing, and enriching your threat analysis. Use cases for tracking notes and other bits and pieces of information as you follow leads in Threat Response. You can add observables and notes as you pursue your quarry. Along with the Casebook, you'll be able to find and inspect observables through the browser's context menu. Select text on a page, or select a single observable, open the context menu and choose the Cisco Threat Response menu option. The selection will be inspected for observables and you'll be presented with information and actions to help with your investigations. You can also launch an investigation on a single observable quickly by typing "ctr [space]" in the URL bar then typing or pasting an observable.

4.7 out of 553 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Maul “Roc”Jan 30, 2020

Awesome tool! Easy to use. Makes grabbing IoCs a painless task.

Review's profile picture

Jose Antonio GalindoNov 27, 2019

It is great colaborate with this tool to share knowledge and observable cases.

Review's profile picture

Alejandro PinedaNov 14, 2019

It is good add on, and really help to improve the security of your browser.

Details

  • Version
    0.9.6
  • Updated
    October 1, 2020
  • Offered by
    Cisco XDR
  • Size
    383KiB
  • Languages
    English (United States)
  • Developer
    Threat, Detection and Response
    11501 Burnet Rd Building 906, Floor 3 Austin, TX 78758 US
    Email
    roberha2@cisco.com
  • Trader
    This developer has identified itself as a trader per the definition from the European Union.

Privacy

The developer has not provided any information about the collection or usage of your data. To learn more, see the developer’s privacy policy.

Related

Secret Server Clipboard Utility

2.9(22)

Clipboard helper for Secret Server

ThreatPinch Lookup

4.8(25)

Add threat intelligence hover tool tips. IPv4, MD5, SHA2, CVE, FQDN or add your own ThreatIntel IOC. Use any REST API.

VT4Browsers

4.4(307)

VirusTotal Browser Extension.

SAML-tracer

4.3(30)

A debugger for viewing SAML messages

Free Visio Viewer (Mac, Windows, Linux)

2.9(330)

Open your Microsoft Visio files for free

Anomali Copilot

5.0(6)

Anomali Copilot is the cybersecurity industry's first natural language processing (NLP) based web content parser.

Recorded Future

4.8(22)

The Recorded Future Browser Extension provides real-time threat intelligence that is just a click away in any web-based application.

My Apps Secure Sign-in Extension

2.3(128)

My Apps Secure Sign-in Extension

Cisco SecureX Ribbon

5.0(1)

SecureX Ribbon and Investigation Widgets

Threat Analytics Search

4.9(17)

Use the Context Menu (right click menu) in the browser to conduct single or group searches for selected text.

Pulsedive Threat Intelligence

5.0(28)

Highlight IPs, domains, and URLs on any website to enrich them using Pulsedive's free threat intelligence data set.

Shodan

4.5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

Secret Server Clipboard Utility

2.9(22)

Clipboard helper for Secret Server

ThreatPinch Lookup

4.8(25)

Add threat intelligence hover tool tips. IPv4, MD5, SHA2, CVE, FQDN or add your own ThreatIntel IOC. Use any REST API.

VT4Browsers

4.4(307)

VirusTotal Browser Extension.

SAML-tracer

4.3(30)

A debugger for viewing SAML messages

Free Visio Viewer (Mac, Windows, Linux)

2.9(330)

Open your Microsoft Visio files for free

Anomali Copilot

5.0(6)

Anomali Copilot is the cybersecurity industry's first natural language processing (NLP) based web content parser.

Recorded Future

4.8(22)

The Recorded Future Browser Extension provides real-time threat intelligence that is just a click away in any web-based application.

My Apps Secure Sign-in Extension

2.3(128)

My Apps Secure Sign-in Extension

Google apps