Cisco Advanced Malware Protection (AMP) is a security solution that addresses the full lifecycle of the advanced malware problem. It can not only prevent breaches but also give you the visibility and control to rapidly detect, contain, and remediate threats if they evade front-line defenses – all cost-effectively and without impacting operational efficiency.
AMP is an intelligence-driven, integrated enterprise-class advanced malware analysis and protection solution. You get comprehensive protection for your organization across the attack continuum – before, during, and after an attack.
- Before an attack, AMP uses global threat intelligence from Cisco's Collective Security Intelligence, Talos Security Intelligence and Research Group, and AMP Threat Grid's threat intelligence feeds to strengthen defenses and protect against known and emerging threats.
- During an attack, AMP uses that intelligence coupled with known file signatures and Cisco AMP Threat Grid's dynamic malware analysis technology to identify and block policy-violating file types, exploit attempts, and malicious files trying to infiltrate the network.
- After an attack, or after a file is initially inspected, the solution goes beyond point-in-time detection capabilities and continuously monitors and analyzes all file activity and traffic, regardless of disposition, searching for any indications of malicious behavior. If a file with an unknown or previously deemed good disposition starts behaving badly, AMP will detect it and instantly alert security teams with an indication of compromise. It then provides unmatched visibility into where the malware originated, what systems were affected, and what the malware is doing. It also provides the controls to rapidly respond to the intrusion and remediate it with a few clicks. This gives security teams the level of deep visibility and control they need to quickly detect attacks, scope a compromise, and contain malware before it causes damage.