Using Search & Remediate with Cisco SecureX

Starting with the release of AsyncOS 14.0 and Cisco SecureX 1.71, Search & Remediate is now available within Cisco SecureX by using Cisco Threat Response.

AsyncOS 14.0 Release Info
Cisco SecureX
Cisco Threat Response
Cisco SecureX Release Notes

You can perform remedial actions on messages processed by Email Security Appliance (ESA) or Security Management Appliance (SMA) Email to prevent suspected malicious activity.

Pivot Menu Update

The Pivot menu is updated to allow users to perform remedial actions on messages (Cisco Message ID and Email Message ID observables only) using the Initiate Forward, Initiate Deletion, or Initiate Forward/Delete options.

📘

Note

To perform remedial actions on messages, you must configure the new Remediation Forwarding Address field on the Available Integration Modules page when you add or edit the ESA or SMA Email module.

Integration Module Updates

The Quick Start instructions for the SMA Email and ESA integration modules have been updated to include the following:

  • The new Remediation Forwarding Address field and additional prerequisites are added to set up remediation.
  • For users using Smart licensing, SMA is automatically enabled and registered with Cisco Cloud Service Portal and token registration is not required.