The purpose of this demo is to showcase Cisco AMP Threat Grid's threat intelligence capabilities and how the tool can be integrated with other platforms such as Tanium, Splunk and Phantom Cyber. In this demo, an unknown file is downloaded to a Cisco or Palo Alto on-prem firewall, which then uploads the file to Threat Grid for assessment scoring. The file is later loaded into Tanium, Splunk or Phantom Cyber, which allow information about malicious files to be shared across platforms using cloud-based APIs.
Goals & Objectives
Hardware & Software