Cisco AMP (Advanced Malware Protection) is an EDR designed to prevent, detect, and help remove threats from computer systems.

Sending Data to Hunters

Hunters supports integration of Cisco AMP’s event-stream.

To integrate Cisco AMP with Hunters, create a new event-stream (an AMQP messaging resource for events) using this guide by Cisco, and provide Hunters with the following details:

  1. Host

  2. User Name

  3. Password

  4. Queue Name
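
The following is an added example, not code from Cisco or Hunters: it pulls the four details listed above out of an event-stream creation response, fails if any is missing, and produces a redacted copy that is safe for tickets or logs. The response layout (`data.amqp_credentials` and its field names), the sample values and the port 443 default are assumptions; check them against what Cisco AMP returns in your environment.

```python
import json
from urllib.parse import quote

# Constructed sample of an event-stream creation response. The layout and the
# field names under "amqp_credentials" are assumptions, not taken from the page.
SAMPLE_RESPONSE = json.dumps({
    "data": {
        "name": "hunters-export",
        "amqp_credentials": {
            "user_name": "1-example-user",
            "queue_name": "event_stream_1",
            "password": "p@ss/word:example",
            "host": "amqp.example.invalid",
        },
    }
})

# Response key -> name of the detail as listed on the page.
REQUIRED = {"host": "Host", "user_name": "User Name",
            "password": "Password", "queue_name": "Queue Name"}


def extract_details(response_text):
    """Return the four details Hunters asks for, or raise if any is missing."""
    creds = json.loads(response_text).get("data", {}).get("amqp_credentials", {})
    missing = [label for key, label in REQUIRED.items() if not creds.get(key)]
    if missing:
        raise ValueError("event stream response lacks: " + ", ".join(missing))
    return {label: str(creds[key]) for key, label in REQUIRED.items()}


def amqps_url(details, port=443):
    """Build a connection URL for a local check (port 443 is an assumption).
    Credentials are percent-encoded so '/', ':' or '@' cannot break parsing."""
    user = quote(details["User Name"], safe="")
    pwd = quote(details["Password"], safe="")
    return f"amqps://{user}:{pwd}@{details['Host']}:{port}"


def redacted(details):
    """Copy of the details that is safe to paste into a ticket or log."""
    return {k: ("<redacted>" if k == "Password" else v) for k, v in details.items()}


if __name__ == "__main__":
    print(redacted(extract_details(SAMPLE_RESPONSE)))
```

The password is returned in clear text by `extract_details`, so pass it to Hunters over a channel meant for secrets and log only the `redacted` copy.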