Right click URL or select test to search on Cisco AMP/TG (including Threat Response) and Umbrella. Requires respective portal accts
Final Update: This chrome extension is now obsolete with the release of Cisco SecureX platform. Cisco SecureX platform connects the breadth of Cisco's integrated security portfolio and infrastructure for a consistent experience that unifies visibility, enables automation, and strengthens your security across network, endpoint, cloud, and applications. Check out the additional capabilities that the SecureX Ribbon and Casebook app can provide: https://www.cisco.com/c/en/us/td/docs/security/securex/getting-started-guide/b-securex-getting-started/m_introduction.html ---- V0.0.14 - Fixed Investigate in Cisco Threat Response to use the respective regional AMP cloud configured in extension options settings. V0.0.13 - Rebranded AMP Visibility to Cisco Threat Response. - Cisco Threat Response should be the primary search interface... Moved it to top - Updated selected text search to Cisco Threat Response with better input validation/sanitization - Additional selected text input parsing to automatically change hxxp(s) to http(s) for directly pivoting from Talos Blog posts - Additional selected text input parsing to automatically change IP Addresses and domains from w[.]x[.]y[.]z to w.x.y.z for directly pivoting from Talos Blog posts. - Added support for AMP APJC Cloud in options menu V0.0.12 - Updated search to include strings any selected text to Cisco AMP Visibility V0.0.11 - Updated search to Sourcefire AMP to reflect branding change to Cisco AMP V0.0.10 - Updated Opendns/ODNS to reflect branding change to Cisco Umbrella - Also updated Investigate lookups to investigate.umbrella.com v0.0.9 - Added an extension Options page that allows: o selection of AMP US or EU Clouds Direct EU Console search will soon be deprecated in favor of options o definition of an AMP Private Cloud server to extend search into Supports FQDN (e.g. private-amp.example.com) or IP Address V0.0.8 - Added hash search into OpenDNS Investigate V0.0.7 - Added Context Based search to search back within Cisco AMP for Endpoints console for selected text by Hash, filename, device name, URL or IP Address. v0.0.6 - Added OpenDNS Investigate search options --- Context Menu enabled Threat Intelligence search of selected text URL - Searches Cisco AMP Threat Grid for any known threat intelligence associated to the URL URL - Searches Cisco OpenDNS for any known threat intelligence associated to the FQDN in URL IP/Domain - Searches Cisco AMP Threat Grid and OpenDNS Investigate for any known threat intelligence MD5/SHA Hash - Searches Cisco AMP Threat Grid for any known threat intelligence associated to the file. Does not search OpenDNS since hashes are not indexed there.
- (2018-10-17) LT Teo: Awesome!!!
- (2018-07-27) Jeff Fanelli: easy pivot. great plugin
- (2018-03-14) Marc Dorn: Easy way to pivot from umbrella findings into ThreatGrid and AMP
- (2017-03-29) Billy Carter: I like it