Cisco has today expanded its portfolio of services with the addition of AMP Threat Grid to the Cisco Advanced Malware Protection and new models of Cisco ASA with FirePOWER Services.
Cisco ASA with FirePOWER Services provides a threat-focused firewall. The multi-layered threat protection solution combines stateful firewall, application visibility and control, advanced malware protection and next-generation intrusion prevention capabilities into a single device.
The solution uses automated tuning and correlation capabilities to prioritise events and reduce false positive alerts. It also flags previously unknown malware, reducing time to detection and time to resolution.
Cisco also announced the addition of AMP Threat Grid to the Cisco Advanced Malware Protection portfolio. The service provides malware threat intelligence and dynamic malware analysis capabilities, both on-premise and in the cloud.
AMP Threat Grid’s analytics engines provide security teams with breach detection against advanced malware. AMP for Endpoints brings new visibility to the extended network by providing a list of hosts containing vulnerable software, the vulnerable software each is carrying and the hosts most likely to be compromised.
The solution also records and analyses file activity at and after initial inspection. Files that exhibit malicious behaviour are analysed to discover the origin of the threat and analyse the behaviour exhibited, with built-in response capabilities provided to contain and eliminate the threat.
Meanwhile, security teams can perform deeper levels of investigation on lesser known advanced threats specific to local applications by submitting Endpoint Indicators of Compromise to Cisco AMP. AMP for Endpoints displays files executed across the organisation ordered from lowest to highest number of instances, while customers can also submit identified low prevalent files for malware analysis.
Additionally, Cisco introduced Incident Response Services, which will equip organisations with information security experts to use threat intelligence and provide examples of best practices for readiness and response from network to endpoint to cloud. The group works with organisations to identify the source of infection, where it entered the environment, and what data was compromised
David Goeckeler, Senior Vice President, Cisco Security Business Group, commented: "Hacking is a sophisticated business and as the attackers become even more profit-driven, midsize businesses, branch offices and industrial environments are increasingly in their crosshairs.
"As organisations work to protect themselves and their partners, they require security solutions that combine sophistication and simplicity, while also offering low TCO. The new models of Cisco ASA with FirePOWER Services address that exact need with advanced threat protection capabilities along with easier management and cost savings that improve an organisation’s security efforts – before, during and after an attack."
Marty Roesch, Vice President, Chief Architect, Cisco Security Business Group, said: "Every day organisations are faced with advanced threats that infiltrate and persist in company environments for months before they are discovered. We believe that the most effective way to address these real-world challenges is continuous threat protection against these attacks.
"Further enhancements like advanced correlation of indicators of compromise, vulnerability mapping and expanded retrospective security further differentiate Cisco AMP and strengthen security teams’ responses before, during and after an attack."