Advanced Malware Protection (AMP)

Breach prevention. Continuous monitoring of malicious behavior. Rapid malware detection. Malware removal.

Secure your remote workforce, fast

If you're looking to increase protection for your remote employees so they can work from any device, at any time, from any location, get started with the Cisco Secure Remote Worker solution.

New from Cisco Security

Did you miss our Virtual Security Summit? Check out the replay, where we announce some major news.

Hunt for the riskiest 1% of threats. Cisco Endpoint Security can help you go from exposed to empowered in seconds.

Visibility and control to defeat advanced attacks

Get global threat intelligence, advanced sandboxing, and real-time malware blocking to prevent breaches with Cisco Advanced Malware Protection (AMP). But because you can’t rely on prevention alone, AMP also continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remove advanced malware.

Find the best AMP deployment for you

Advanced Malware Protection is subscription-based, managed through a web-based management console, and deployed on a variety of platforms.  

Protect your endpoints

Our endpoint security helps you block malware at the point of entry, gain visibility into file and executable-level activity, and remove malware from PCs, Macs, Linux, and mobile devices.

AMP for Endpoints

Protect your network

Get deep visibility into network-level and network-edge threat activity and block advanced malware.

AMP for Networks

Protect your email

Add AMP capabilities to email and web security appliances or to your cloud email and web security deployments.

AMP for Email Security

AMP for Web Security

Lessons from the cybersecurity C-suite

From successes to slow progress, learn how security leaders navigate the cybersecurity landscape.

Related products

Threat Grid

Get advanced threat intelligence and malware analysis in a hardware appliance or cloud deployment.

Security Connector

Protect your mobile workforce better with the Cisco Security Connector, built for iOS devices.

Key features

Global threat intelligence

Our Cisco Talos experts analyze millions of malware samples and terabytes of data per day and push that intelligence to AMP. AMP then correlates files, telemetry data, and file behavior against this context-rich knowledge base to proactively defend against known and emerging threats.

Advanced sandboxing

Advanced sandboxing capabilities perform automated static and dynamic analysis of files against more than 700 behavioral indicators. These analyses uncover stealthy threats and help your security team understand, prioritize, and block sophisticated attacks.

Point-in-time malware detection and blocking

Block malware trying to enter your network in real time. Using AV detection engines, one-to-one signature matching, machine learning, and fuzzy fingerprinting, AMP analyzes files at point of entry to catch known and unknown malware. The result? Faster time to detection and automatic protection.

Continuous analysis and retrospective security

Once a file enters your network, AMP continues to watch, analyze, and record its activity, regardless of the file’s disposition. If malicious behavior is spotted later, AMP sends your security team a retrospective alert that tells them where the malware came from, where it’s been, and what it’s doing. In a few clicks, you can contain and remediate it.

Additional AMP Everywhere Integrations

Make sure you are fully protected by AMP across all components of your network with these additional integrations.

Experience advanced malware protection

The fight against today’s advanced threats calls for advanced malware security.

Cisco AMP for Endpoints provides next-generation endpoint protection, scanning files using a variety of antimalware technologies, including the Cisco antivirus engine.

Cisco Advanced Malware Protection then goes a step further than most malware detection tools, continuously monitoring every file in your network. If Cisco AMP detects malicious behavior, it helps you remediate quickly.

Cisco AMP for Endpoints shares threat intelligence with your network security, email security, and web security appliances. The result? A cohesive environment of malware protection tools that exchange threat intelligence and learn from one another.

Ready to see advanced malware protection in action? Get our two- to four-week trial.

AMP for Endpoints success stories

Turkish Airlines takes security to new heights

"Our security center uses Cisco AMP on a 24/7 basis. Using Cisco AMP is similar to having another pair of hands, in a sense. The team can monitor the whole system architecture through it."

--Kadir Yildiz, Vice President of IT Governance, Turkish Airlines

Destel partners with Cisco for a profitable business

"Cisco’s AMP for Endpoints solution is the most powerful threat intelligence platform in the world."

--Hakan Tas, Senior Solution Architect, Destel

Securing the world's largest airport with Cisco AMP

"Out-of-the-box integration is really important for us. The implementation process is not easy in the SOC operations. But we saw that Cisco AMP has very easy deployment and usability features."

--Emrah Bayarcelik, Head of Security at Istanbul Grand Airport

News and events

Have you heard of invisible malware?

Our threat researchers have discovered new strains of fileless malware that turn everything we knew about malware upside down.

Cisco Umbrella now includes AMP

Block malicious files being downloaded from risky websites even when off the corporate network.

See threats once. Block everywhere.

Cisco is a leader in NSS Labs’ Breach Detection test for the third year in a row, detecting 100% of malware, exploits, and evasions.

For partners

Are you a Cisco partner?  Log in to see additional resources.

Looking for a solution from a Cisco partner? Connect with our security technical alliance partners.