Cisco Secure Malware Analytics (Threat Grid)

On-Premises Malware Analysis, Threat Intelligence

Empower your security team with context-focused intelligence to quickly recover from and proactively defend against attacks. AMP Threat Grid Appliances combine advanced malware analysis with comprehensive threat analytics and content in one on-premises appliance. They are designed for organizations that have compliance or policy restrictions on submitting malware samples to the cloud.

Edge to Endpoint Malware Analysis

Threat Grid provides a common analysis platform across your security infrastructure.

Beyond the Sandbox

Listen to Forrester, ADP, and Cisco discuss sandboxing as a means to fight against malware.

Features and Capabilities

On-Premises Appliance

Get powerful, advanced malware analysis, comprehensive threat analytics, and compliance, all in one on-premises appliance. Information submitted to the AMP Threat Grid appliance, or generated during local analysis, is safely and more securely kept within the organization. It provides the malware protection you need while helping to ensure adherence to organizational requirements.

You also get the most up-to-date malware knowledgebase and behavioral indicators. The appliance has a manual update feature that allows it to stay current while maintaining compliance with corporate and regulatory restrictions.

Advanced Analytics

The AMP Threat Grid appliance delivers context-driven security analytics to accurately identify attacks, in near real time. Files are analyzed and correlated against hundreds of millions of other analyzed malware artifacts to provide a global view of malware attacks, campaigns, and their distribution. Detailed reports identify key behavioral indicators and determine threat scores for faster prioritization and recovery from advanced attacks.

Behavioral Indicators and Threat Score

Arm your team to prioritize and respond rapidly and efficiently with confidence. Over 450 indicators produced through static and dynamic analysis covering malware families, malicious behavior, and more can ensure analysis is accurate and specific.

Threat score, a reflection of maliciousness, delivers detailed descriptions and actionable information to gain deep knowledge and insight into malware behavior and various attack techniques. Proprietary analysis and algorithms determine the confidence and severity of a threat by a score for better prioritization.

Advanced Search, Correlation, and Reporting

AMP Threat Grid Appliance provides accurate detection of advanced malware attacks. Robust search, correlation, and reporting capabilities provide detailed information on current and historical malware artifacts, indicators, and samples. Detailed analysis reports include all malware sample activities, including network traffic and artifacts.

Powerful API and Platform

Automate for faster detection and response. Use the REST API in conjunction with the appliance to easily integrate premium feeds into existing security infrastructures such as security information and event management (SIEM), intrusion detection systems (IDS), gateways, and proxies for faster detection and blocking of malware.

Specifications at a Glance

Cisco AMP Threat Grid 5000 Series

  • Capacity 5000: Up to 1500 samples per day
  • Capacity 5500: Up to 5,000 samples per day
  • General: Cisco UCS C220 M3 Chassis; 2 x E5-2697 CPUs (2.7 Ghz / 12-Core / 30 MB cache per CPU); 512 GB DDR3 RAM; 2 x 100 GB SSD (OS/apps); 6 x 1 TB 7.2K RPM HDD with LSI hardware RAID
  • Interfaces: TBD
  • Power: 2 x 650 Watt AC

Rapid Breach Detection, Remediation

Cisco AMP gives you the visibility and control to stop malware in its tracks.

Security Everywhere

Confront today's threats with security as pervasive as the IoE.

Additional Resources

Contact Cisco

  • Call Sales:
  • 1-800-553-6387
  • CAN | 8am - 8pm Eastern