Starting with the release of AsyncOS 14.0 and Cisco SecureX 1.71, Search & Remediate is now available within Cisco SecureX by using Cisco Threat Response.
You can perform remedial actions on messages processed by Email Security Appliance (ESA) or Security Management Appliance (SMA) Email to prevent suspected malicious activity.
The Pivot menu is updated to allow users to perform remedial actions on messages (Cisco Message ID and Email Message ID observables only) using the Initiate Forward, Initiate Deletion, or Initiate Forward/Delete options.
To perform remedial actions on messages, you must configure the new Remediation Forwarding Address field on the Available Integration Modules page when you add or edit the ESA or SMA Email module.
The Quick Start instructions for the SMA Email and ESA integration modules have been updated to include the following:
- The new Remediation Forwarding Address field and additional prerequisites are added to set up remediation.
- For users using Smart licensing, SMA is automatically enabled and registered with Cisco Cloud Service Portal and token registration is not required.
Updated about 1 month ago