Cisco Advanced Malware Protection (AMP)
  • 16 May 2024
  • 1 Minute to read
  • Dark
  • PDF

Cisco Advanced Malware Protection (AMP)

  • Dark
  • PDF

Article summary

Cisco Advanced Malware Protection (AMP) includes threat intelligence, sandboxing, and malware blocking to detect, contain, and remove malware.


This adapter supports Cisco Secure Endpoint

Related Enforcement Actions:

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices


  1. Domain (required, default: '') - URL of the Cisco AMP domain.
  2. Client ID and API Key (required) - The credentials for a user account that has the Required Permissions to fetch assets.
  3. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Domain.
    • When supplied, Axonius uses the proxy when connecting to the value supplied in Domain.
    • When not supplied, Axonius connects directly to the value supplied in Domain.
  4. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.


Advanced Settings


Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters

  1. Parallel Requests Count (required, default: 5) - Set the maximum number of threads that execute API calls in parallel when fetching vulnerabilities.
  2. Fetch vulnerabilities (required, default: False) - Select whether to fetch vulnerabilities on devices.
    • When enabled, all connections for this adapter also fetch vulnerabilities.
    • When disabled, all connections for this adapter do not fetch vulnerabilities.
  3. Fetch Device Groups (required, default: False) - Set to send an extra request to get all groups in order to parse the group name for each device.



To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Required Permissions

The value supplied in Client ID and API Key must have read access to devices.

To create an API key from the admin panel:

  1. Log into to the admin panel of Cisco AMP.
  2. Go to the Business Page from the Accounts dropdown menu.
  3. Click on the 'Edit' button.
  4. Under features, click on "Regenerate…" button beside "3rd Party API Access" to generate the client ID and secure API Key.
  5. Use these to connect to Cisco AMP with Axonius

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.