Advanced Malware Protection (AMP)

Prevent breaches, continuously monitor for malicious behavior on your network, and rapidly detect and remediate the most advanced malware.

Visibility and control to defeat advanced attacks

Cisco Advanced Malware Protection (AMP) provides you with global threat intelligence, advanced sandboxing, and real-time malware blocking to prevent breaches. But because you can’t rely on prevention alone, AMP also continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remediate advanced malware.

AMP core capabilities


Threat intelligence

AMP is fueled by the best global threat intelligence to protect against known and emerging threats. Our Cisco Talos group analyzes millions of malware samples and terabytes of data per day and pushes that intelligence to AMP. AMP then correlates files, telemetry data, and file behavior against this context-rich knowledge base to proactively defend against threats.


Advanced sandboxing

Advanced sandboxing capabilities perform automated static and dynamic analysis of files against 500+ behavioral indicators. This uncovers stealthy threats and helps your security team understand, prioritize, and block sophisticated attacks.  


Point-in-time malware detection and blocking

Block malware trying to enter your network in real time. Using one-to-one signature matching, machine learning, and fuzzy fingerprinting, AMP analyzes files at point of entry to catch known and unknown malware. These tools provide faster time to detection and automatic protection for your organization. 


Continuous analysis and retrospective security

Once a file enters your network, AMP continues to watch, analyze, and record its activity, regardless of the file’s disposition. If malicious behavior is spotted later, AMP sends your security team a retrospective alert that contains the complete recorded history of the threat: where the malware came from, where it’s been, and what it’s doing. Then, AMP gives you the control to contain and remediate it with a few clicks.

Find the best AMP deployment for you

Advanced Malware Protection is subscription-based, managed through a web-based management console, and deployed on a variety of platforms.  

Protect your endpoints

Protect your endpoints

Get visibility into file and executable-level activity, and remediate malware on computers and mobile devices running Microsoft Windows, Mac OS, Linux, and Android.

AMP for ...


Protect your network

Protect your network

Get deep visibility into network-level and network-edge threat activity and block advanced malware.

AMP on a ...

Next-Generation Intrusion Prevention System

Next-Generation Firewall

Branch router (ISR)

Protect your email and web traffic

Protect your email and web traffic

Add AMP capabilities to email and web security appliances or to your cloud email and web security deployments.

AMP for ...



For increased protection, add AMP across multiple attack vectors. Read our white paper and view our AMP deployment options to learn more.

Related products


Threat Grid

Get advanced threat intelligence and static and dynamic malware analysis. Choose from a hardware appliance or cloud deployment. See more on Threat Grid

Cisco IT increases security effectiveness with Cisco AMP


"With AMP, we’re getting better results with defending our network automatically, as well as increased visibility to things happening on our network, and our ability to detect and contain threats has greatly improved."

Steve Martino, Chief Information Security Officer, Cisco


News and events


Attend a webinar

Join us for an in-depth look at AMP and other security solutions at any of our webinars.

See schedule

Stay updated on threat research

Learn about advanced threats seen in the wild, from the world’s threat intelligence experts.

Read blog

AMP is rated number one

AMP achieved a 99.2% security effectiveness rating in recent tests by NSS Labs.

Get the report

Meet the experts

John Doe

Keep up-to-date with malware protection

Meet our security engineers and product experts who share insights of emerging malware and the threat landscape on their Security blog. Get awareness of risks to your organization – and the best defenses.

For partners

Are you a Cisco partner?  Log in to see additional resources.

Looking for a solution from a Cisco partner? Connect with our partner ecosystem.