Cisco Threat Grid
Understand and prioritize threats faster
Threat Grid combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it.
Contact Cisco
Excelling in the AV-Comparatives test series
See malware test results for Cisco AMP for Endpoints in the latest mid-report fact sheet from AV-Comparatives.
Benefits
Make better decisions, faster
Threat Grid rapidly analyzes files and suspicious behavior across your environment. Your security teams get context-rich malware analytics and threat intelligence, so they’re armed with insight into what a file is doing and can quickly respond to threats.
Gain deep malware analysis
Threat Grid analyzes the behavior of a file against millions of samples and billions of malware artifacts. You get a global and historical view of the malware, what it’s doing, and how large a threat it poses to your organization.
Prioritize threats
Threat Grid identifies key behavioral indicators of malware and their associated campaigns. Security teams can save time by quickly prioritizing attacks with the biggest potential impact.
Speed up incident investigations
Understand and respond to threats faster. Take advantage of Threat Grid’s robust search capabilities, correlations, and detailed static and dynamic analyses. Use tools like Glovebox to safely interact with samples and observe malware behavior directly.
Get edge-to-endpoint integration
Accelerate malware threat detection and response with a powerful API that integrates and automates existing security products and processes.
How to deploy Threat Grid
Flexible deployment options give you a seamless fit. You can increase the number of malware samples submitted per day using sample packs. A cloud-based Premium subscription gives you access to premium threat intelligence feeds, the API, Glovebox, and more.
On premises
The 5004 and 5504 appliances provide highly secure malware analysis and advanced sandboxing. Information is kept on site. The appliance may be configured to share sample data with integrating devices.
In the cloud
Add robust historical and global context to malware analysis. A cloud subscription also gives you access to the APIs and subscriptions to over a dozen specialized threat intelligence feeds.
Integrated in a solution
Threat Grid has been integrated across the Cisco security portfolio, as well as numerous third-party security technologies.
Automating security intelligence
"Threat Grid took what was a manual process and allowed us to use a cloud-based service with better decision-making capability, so we can do 10 times, 20 times more malware introspection on a daily basis than we could before."
Roland Cloutier, Chief Security Officer, ADP
Cybersecurity agency automates malware analysis
"We wanted a partner we could trust with a scalable infrastructure that could handle hundreds of thousands of malware samples a day. And that’s exactly what this solution provides for us."
Adnan Baykal, Vice President, Security Services, Center for Internet Security
Strengthen your malware security
Learn the five key features for choosing the right malware security solution.
News and events
Threat Response
Unleash the full power of the Cisco Integrated Security Architecture.
Integrate with Meraki MX
AMP and Threat Grid bring advanced threat capabilities to the Meraki MX. (4:18 min)
Webinar: Accelerate Malware Analysis
Join Cisco and ThreatConnect to learn how orchestration enhances malware analysis.
Cisco’s flexible new Security Choice Enterprise Agreement provides security with more simplicity, greater value, faster responses, and predictable billing.
For partners
Are you a Cisco partner? Log in to see additional resources.
Looking for a solution from a Cisco partner? Connect with our security technical alliance partners.