Cisco Threat Response Casebook (beta)
Casebook and Investigation Widgets
What is Cisco Threat Response Casebook (beta)?
Cisco Threat Response Casebook (beta) is a chrome extension provided by Threat Response. It's a powerful tool that aids in saving, sharing, and enriching data in the course of threat analysis. It functions by allowing users to track notes and details as they unravel leads in Threat Response. Added to its features, users can inspect observables from the browser's context menu and initiate a swift investigation on a single observable through simple commands in the URL bar.
Once installed, please visit your region's Threat Response API Clients page to create Casebook client credentials. In order for the casebook extension to function, you must select ALL SCOPES when adding your new API Client.
- NAM: https://visibility.amp.cisco.com/#/settings/oauth
- EU: https://visibility.eu.amp.cisco.com/#/settings/oauth
- APJC: https://visibility.apjc.amp.cisco.com/#/settings/oauth
The Cisco Threat Response Casebook is a powerful and convenient tool provided by Threat Response for saving, sharing, and enriching your threat analysis. Use cases for tracking notes and other bits and pieces of information as you follow leads in Threat Response. You can add observables and notes as you pursue your quarry.
Along with the Casebook, you'll be able to find and inspect observables through the browser's context menu. Select text on a page, or select a single observable, open the context menu and choose the Cisco Threat Response menu option. The selection will be inspected for observables and you'll be presented with information and actions to help with your investigations.
You can also launch an investigation on a single observable quickly by typing "ctr [space]" in the URL bar then typing or pasting an observable.
User reviews summary
- Easy to use
- Great for threat hunting
- Improves browser security
- The extension is still in beta
- Needs more testing
- Some users find it to be a new concept to grasp
- Threat response
Cisco Threat Response Casebook (beta) is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install Cisco Threat Response Casebook (beta) if you trust the publisher.
Cisco Threat Response Casebook (beta) has earned a fairly good reputation and likely can be trusted.
Here are some Chrome extensions that are similar to Cisco Threat Response Casebook (beta):