Cisco Advanced Malware Protection for Endpoints


Protect devices from malware attacks

Protect PCs, Macs, Linux systems, and mobile devices, whether connected to a protected network or roaming on the Internet.  With AMP for Endpoints, you get the visibility and control you need to prevent breaches. And, if something gets in, AMP can quickly detect, contain, and remediate malware before damage is done. 

Contact Us



Deep visibility and control

Advanced malware can evade your defenses and get inside. AMP for Endpoints gives you the deepest visibility and control of any AMP deployment to protect against advanced threats that slip by your front-line defenses. See into executable and file activity, and remediate malware with a few clicks.


Threat intelligence and sandboxing

Our Cisco Talos group analyzes millions of malware samples and terabytes of data per day, and pushes that intelligence to AMP so you’re protected 24/7. Also, advanced sandboxing capabilities perform automated static and dynamic analysis of files against 500+ behavioral indicators to uncover stealthy threats.


Malware blocking

AMP automatically detects and blocks known and emerging threats in real time using one-to-one signature matching, fuzzy fingerprinting, machine learning, and other detection methods.


Continuous analysis

Once a file lands on the endpoint, AMP continues to watch, analyze, and record file activity, regardless of the file’s disposition. When malicious behavior is detected, AMP shows you a recorded history of the malware’s behavior over time: where it came from, where it’s been, and what it’s doing. Then you can stop the file from executing on all endpoints, and remediate with a few clicks.

To learn more, watch this video


Broad endpoint coverage

Malware can attack through a variety of attack vectors. AMP protects endpoints running Windows or Mac OS, Android mobile devices, and Linux systems. Deploy AMP’s lightweight connector, and users see no impact on device performance since AMP performs all analysis in the cloud, not on the endpoint itself.

How to deploy

It’s simple. AMP is a cloud-based “software-as-a-service” solution. You deploy AMP’s lightweight connector on your endpoints, and then set up your account. Work with your Cisco salesperson or partner and follow these easy steps.

Choose the number of endpoints

50? 1000? 100,000? There’s no limit. The choice is yours.

Choose a subscription term

Terms are available for 1, 3, or 5 years.

Deploy the connector

Deploy AMP’s lightweight connector on your endpoints and sync with your account.

High-privacy restrictions?

If so, deploy AMP for Endpoints as an on-premises, air-gapped AMP Private Cloud Virtual Appliance

See more threats than ever before

Cognitive Threat Analytics integration


AMP for Endpoints just got better. We recently integrated our Cognitive Threat Analytics (CTA) platform with AMP for Endpoints. Get more visibility to stop advanced threats, and see 30% more infections on average.




University uncovers and eliminates stealthy malware


"We received a malware alert. Within a few minutes in the AMP console we were able to determine the malware was using prohibited websites to mask its network traffic. AMP provides us the visibility and control on our endpoints to provide the IT security needs of the university without inhibiting academic freedom and research."

Tim McGuffin, Information Security Officer, Sam Houston State University



See why you can count on AMP

NSS Labs ran a test comparing breach detection systems. AMP achieved the highest rating for security effectiveness of any security vendor: 99.2%.

Get the report

Protect your endpoints

Learn how to protect endpoints continuously in a point-in-time world.

Get white paper

News and events

AMP Webinar Series

AMP Webinar Series

Want to learn how AMP can strengthen your organization’s security defenses? Join us for an in-depth look during one of our many webinars.

Attend webinar
Talos Threat Research Blog

Talos Threat Research Blog

Learn about the latest advanced threats seen in the wild, from the world’s industry-leading threat intelligence experts.

Read blog
Cisco 2016 Midyear Cybersecurity Report

Cisco 2016 Midyear Cybersecurity Report

Learn how to undermine an attacker's impact.

Download Report

For partners

Are you a Cisco partner?  Log in to see additional resources.

Looking for a solution from a Cisco partner? Connect with our partner ecosystem.