Secure Endpoint
Secure Endpoint (formerly AMP for Endpoints) prevents threats at the point of entry, by identifying and halting advanced threats before they reach your endpoints.
Cisco Secure Endpoint (formerly AMP for Endpoints) is a core part of the endpoint security platform and is deployed as a preventative and investigative tool supporting detection and/or response functions for Windows, MacOS, Linux, Android and iOS devices. With Secure Endpoint’s Unity feature, these functions can be made available on other Secure Endpoint-enabled devices such as firewalls, web gateways, and email proxies.
The Secure Endpoint module allows you to investigate and identify multiple files with context from integrations across security products. It provides detailed information on affected endpoints and devices, including IP addresses, OS, and Secure Endpoint GUID. Additionally, it allows you to block files at endpoints and Secure Endpoint-capable edge devices and immediately quarantine affected endpoints with the Secure Endpoint Host Isolation response feature.
This integration also creates a target automatically in Automation for out-of-box workflows.
These are workflows that you can install in Cisco XDR automation and use with this integration. These are different from built-in workflows which are built into Cisco XDR by default for all customers.
These workflows are built into Cisco XDR automation and can be used with this integration. These are different from installable workflows, which are optional workflows you can install from Cisco and its partners.
These actions can be used in Cisco XDR automation to build workflows for this product. Workflows can help you automate how you investigate, respond to incidents, and more.