Overview 
JupiterOne provides a managed integration for Cisco AMP for Endpoints. The integration connects directly to Cisco AMP for Endpoints REST API to obtain endpoint protection and configuration information.
Configure the integration by providing the following details:
- API Endpoint (Hostname)
- API Client ID
- API Key
Valid API Endpoints include:
api.amp.cisco.comapi.apjc.amp.cisco.comapi.eu.amp.cisco.com
To generating Client ID and API Key:
- Log in to your AMP for Endpoints Console.
- Go to Accounts > API Credentials.
- Click New API Credentials to generate the Client ID and secure API Key.
Entities
The following entity resources are ingested when the integration runs.
| Cisco AMP Resources | _type of the Entity | _class of the Entity |
|---|---|---|
| Account | cisco_amp_account |
Account |
| Computer | cisco_amp_endpoint |
HostAgent |
Relationships
The following relationships are created:
| From | Relationship | To |
|---|---|---|
cisco_amp_account |
HAS | cisco_amp_endpoint |
The following relationships are mapped:
| From | Relationship | To |
|---|---|---|
cisco_amp_endpoint |
Protects | user_endpoint |
Comments
0 comments
Please sign in to leave a comment.