Strengthen your security

Take advantage of Threat Grid’s integration across the Cisco security portfolio. And integrate it with third-party security technologies.

Cisco Advanced Malware Protection (AMP) for Networks

AMP for Networks provides visibility and control beyond point-in-time detection. It protects against highly sophisticated, targeted, zero-day, and persistent advanced malware threats. Unknown files are immediately analyzed by our malware analysis engines. Analysis results are shared across your AMP infrastructure. You get an integrated set of controls that protect your network across the attack continuum.


Threat Grid has been integrated with the industry's first adaptive, threat-focused next-generation firewall (NGFW), as well as the Cisco ASA with FirePOWER Services. Malware analysis engines are combined with firewall protection in a single device. You get automated sandboxing of unknown files as they try to enter the network.

Next-Generation Intrusion Prevention System

Get advanced automated malware sandboxing of unknown files at the network edge by our NGIPS. Results are presented through the Firepower Management Center and shared with AMP.

Cisco AMP for Endpoints

Threat Grid automatically analyzes low-prevalence executables identified by AMP for Endpoints. It also provides on-demand malware analysis capabilities. All samples are given a threat score, so you can rapidly triage incidents.

AMP Private Cloud

If your organization has privacy requirements that restrict the use of a public cloud, the Cisco AMP Private Cloud virtual appliance is an on-premises, air-gapped option. Malware analysis is highly secure, and all analyzed files remain within your physical and logical boundary.

Web and Email Security

Web and Email Security

Web and email remain the top vectors for malware. Threat Grid has been integrated into Cisco Web and Email Security solutions. It enhances malware detection using advanced static and dynamic malware analysis technologies.

Meraki MX

Threat Grid’s dynamic malware analysis is combined with the Meraki unified threat management (UTM) solution to provide deep visibility into threats across branch locations and remote offices. Managing security is easier, yet you gain advanced threat capabilities. Security teams can better understand, prioritize, and mitigate attacks.

Cisco Umbrella

Threat Grid is integrated with Cisco Umbrella to identify all malicious domains discovered during analysis. Customers can automatically block users from connecting to the known malicious domains, preventing data exfiltration.

Other products

AMP license holders may increase the daily submission limit with sample packs, or add the full Threat Grid Premium, which offers all Threat Grid functionality, including premium threat intelligence feeds, API access, investigative capabilities, and the unique Glovebox malware interaction tool.

Cisco Threat Grid is also available as a highly secure, on-premises appliance that does not transmit data outside the enterprise. Sensitive and compliance-protected data remains safely on site.


Integrations with third-party solutions

Our partner ecosystem makes it easier for you to automate sample submissions from your existing security technologies.

Cisco partner products that have integrated Threat Grid malware analysis into their products include:

  • Acuity Solutions BluVector
  • CyberSponse Orchestrator
  • Guidance Software EnCase
  • LogRhythm Security Intelligence Platform
  • Malformity Labs Maltego
  • Phantom
  • Swimlane Security Operations Manager
  • RSA Security Analytics
  • ThreatConnect
  • TrapX DeceptionGrid
  • TripWire Enterprise

Threat intelligence platforms that use Threat Grid malware feeds include:

  • Anomali
  • Centripetal Networks
  • ThreatConnect
  • ThreatQuotient