On August 11, 2023, Cisco announced that Cisco SecureX will go end-of-life on July 31, 2024. The content in this Github repository will not be actively maintained following this announcement.

Default Targets

This page lists all of the targets that are created by default when an orchestration instance is provisioned. These are used with the default account keys that are also configured.


AMP_Target

This target is used to make requests to AMP for Endpoints.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: api.amp.cisco.com
  • Path: /v1
  • Account Key: AMP_Credentials

CTIA_Target

This target is used for operations related to public threat intelligence.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: intel.amp.cisco.com
  • Path: None
  • Account Keys:
    • If using the SecureX Token account key: CTR_Credentials
    • If using the legacy method: None

CTR_For_Access_Token

This target is used to get access tokens for the Threat Response API. This target is only used if you haven’t migrated to the new SecureX token account keys. More information about the different types of targets and account keys for SecureX APIs can be found here.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: visibility.amp.cisco.com
  • Path: /iroh
  • Account Key: CTR_Credentials

CTR_API

This target is used to access the Threat Response API for things like inspection, enrichment, and deliberation.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: visibility.amp.cisco.com
  • Path: /iroh
  • Account Keys:
    • If using the SecureX Token account key: CTR_Credentials
    • If using the legacy method: None

Orbital_For_Access_Token

This target is used to get access tokens for Orbital.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: visibility.amp.cisco.com
  • Path: /iroh
  • Account Key: Orbital_Credentials

Orbital_Target

This target is used to make requests to Orbital.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: orbital.amp.cisco.com
  • Path: /v0
  • Account Key: None (uses an Orbital access token)

Private_CTIA_Target

This target is used for operations related to private threat intelligence such as casebooks and incidents.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: private.intel.amp.cisco.com
  • Path: None
  • Account Keys:
    • If using the SecureX Token account key: CTR_Credentials
    • If using the legacy method: None

ThreatGrid_Target

This target is used to make requests to ThreatGrid.

  • Type: HTTP Endpoint
  • Protocol: HTTPS
  • Host: panacea.threatgrid.com
  • Path: None
  • Account Key: None (uses a ThreatGrid API key)