Rapid7 is excited to announce a new plugin for InisghtConnect that connects to Cisco AMP for Endpoints. Cisco Advanced Malware Protection (AMP) blocks attacks and helps you respond to threats quickly and confidently.
The Cisco AMP for Endpoints plugin provides the following actions and triggers:
- Get Activity
- Get Information about deployed Computers
- Get Event Types
- Get Events
- Isolate / Stop Isolation on Endpoints
- Trigger on New Event
This plugin allows security teams to take control of threat detection and response across the organization. It will scan your Cisco AMP deployment for new events and allow you to automatically remove machines that show suspicious behavior. You can then automate the investigation and mitigation of those machines and bring them back online without human intervention. This will also enable powerful integrations with your other security products to quickly isolate and remove any threats from your network.
What is InsightConnect?
InsightConnect is Rapid7’s security orchestration, automation and response (SOAR) solution that is purpose-built to accelerate your teams and tools through automation. By streamlining time-intensive processes, security teams are freed up to tackle other challenges. InsightConnect does this by connecting your tools so that each tool is used to its maximum potential, connecting the dots between them to better inform your security teams and enrich your data and security alerts. This leads to a major improvement in operational efficiency.