Cisco Advanced Malware Protection (AMP)
  • 1 Minute To Read
  • Print
  • Share
  • Dark
    Light

Cisco Advanced Malware Protection (AMP)

  • Print
  • Share
  • Dark
    Light

Cisco Advanced Malware Protection (AMP) includes threat intelligence, sandboxing, and malware blocking to detect, contain, and remove malware.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Domain (required, default: 'https://api.amp.cisco.com') - URL of the Cisco AMP domain.
  2. Client ID and API Key (required) - The credentials for a user account that has the Required Permissions to fetch assets.
  3. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Domain.
    • If not supplied, Axonius will connect directly to the value supplied in Domain.
  4. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Required Permissions

The value supplied in Client ID and API Key must have read access to devices.

To create an API key from the admin panel:

  1. Log into to the admin panel of Cisco AMP.
  2. Go to the Business Page from the Accounts dropdown menu.
  3. Click on the 'Edit' button.
  4. Under features, click on "Regenerate…" button beside "3rd Party API Access" to generate the client ID and secure API Key.
  5. Use these to connect to Cisco AMP with Axonius
Was This Article Helpful?