Cisco AMP Threat Grid - Cloud

Unified Malware Analysis and Threat Intelligence

Empower your security team with context-rich intelligence to quickly recover from and proactively defend against attacks. AMP Threat Grid combines advanced malware analysis with deep threat analytics and content for a global view of threat activity in your environment. AMP Threat Grid is available as either cloud-based software-as-a-service or an on-premises appliance.


Edge to Endpoint Malware Analysis

Threat Grid provides a common analysis platform across your security infrastructure. (2:07 min)


Beyond the Sandbox

Listen to Forrester, ADP, and Cisco discuss sandboxing as a means to fight against malware.


Features and Capabilities

Advanced Threat Intelligence and Analysis

AMP Threat Grid delivers context-driven security analytics to accurately identify attacks in near real time. The product analyzes millions of files and correlates them against hundreds of millions of other analyzed malware artifacts. Customers gain a global view of malware attacks, campaigns, and their distribution.

Detailed reports identify key behavioral indicators and determine threat scores for faster prioritization and recovery from advanced attacks.

Behavioral Indicator Creation and Threat Score

Arm your team to prioritize and respond rapidly, efficiently, and with confidence. Over 450 indicators, produced through static and dynamic analysis and covering malware families, malicious behavior, and more, can ensure analysis is accurate and specific.

The threat score, a reflection of maliciousness, delivers detailed descriptions and actionable information for deep knowledge of and insight into malware behavior and various attack techniques. Proprietary analysis and algorithms express the confidence and severity of a threat as a score for better prioritization.

Premium Content Feeds

Automate for faster detection and response. Easily integrate premium feeds into existing security infrastructures such as security information and event management (SIEM), intrusion detection systems (IDS), gateways, and proxies for faster detection and blocking of malware.

AMP Threat Grid analyzes millions of samples monthly and distills terabytes of rich, actionable content into clearly categorized and easily consumable content feeds. The feeds, delivered in standard formats, are easy to operationalize and automate.

Advanced Search, Correlation, and Reporting

AMP Threat Grid can enable accurate detection and defense against advanced attacks. Robust search, correlation, and reporting capabilities provide detailed information on current and historical malware artifacts, indicators, and samples. Detailed analysis reports include all malware sample activities, including network traffic and artifacts.

Flexible and Scalable

AMP Threat Grid is designed to meet the advanced threat protection needs of any organization. With a powerful and easy-to-use REST API, AMP Threat Grid seamlessly integrates with your existing security infrastructure. It is available as either an on-premises appliance or a cloud-based solution.

Edge to Endpoint Integration

AMP Threat Grid's sandboxing technology has been integrated across Cisco's security portfolio to provide more visibility into more places than ever before. It shares, correlates, and synthesizes information across multiple security control points. The integration from network edge to endpoint increases visibility and control while reducing time to detection and time to remediation of advanced malware.

Specifications at a Glance

Supported file types for analysis:

  • PE32 files - executable (.EXE), libraries (.DLL)
  • Java archives (.JAR)
  • Portable document format (.PDF)
  • Office documents: .RTF, .DOC(X), .XLS(X), .PPT(X)
  • ZIP (.ZIP) as a container
  • URLs: Internet shortcut files or URLs
  • HTML documents

Supported environments:

  • Windows XP
  • Windows 7 32 bit and 64 bit
  • Application version support

Security Everywhere

Confront today's threats with security as pervasive as the IoE.


Cisco 2015 Midyear Security Report

Understand the innovation race between attackers and defenders.
