Cisco Advanced Malware Protection (AMP) for Endpoints [product review]

Introduction

In today’s cyber-threat landscape, the network infrastructure is often viewed as a prized possession by cyber-attackers. There are numerous reasons for this, one of them being that once attackers have some sort of entry into the infrastructure, they can, over a period of time, gain access to many of the servers and databases that reside on it.

Many businesses and corporations are taking the strategy of simply doubling or even tripling down on the technologies that they deploy in order to beef up their lines of defense. This is actually the wrong approach to take, as it merely increases the attack surface and gives the hacker more points of entry.

In this article, we examine one tool that can provide the needed security from beginning to end for your critical network-based assets – the Cisco Advanced Malware Protection (AMP) for Endpoints.

What Exactly Is the AMP?

The AMP provides a high-powered, enterprise-grade protection system that defends your network infrastructure against all sorts of malware (examples include Ransomware, Business Email Compromise, etc.), which will help prevent newer variants of it from attacking your business. This tool also provides high-level analytics so that you can further study attack profiles and signatures before they become a threat to you.

With the AMP, you get protection at three distinct levels:

  • Before an attack actually occurs: The AMP makes use of the Talos Security Intelligence and Research Group and Threat Grid feeds to alert you to any potential cyber-threats that are on the horizon.
  • When an attack actually occurs: If your organization is hit by malware, the AMP uses the above-described feeds in order to identify and prevent malicious data packets that are attempting to break through and infiltrate your (Read more…)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Ravi Das (writer/revisions editor). Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/nWBXjuHHUJg/