January 21, 2021

Cisco has unveiled a raft of new security capabilities and services in the face of burgeoning security and compliance threats to organisations around the world. The new capabilities give security professionals extensive intelligence and analysis on potential compromises and solutions to protect against, respond to and recover from attacks.



The company has added AMP Threat Grid to the Cisco Advanced Malware Protection (AMP) portfolio, which integrates innovation acquired through last year’s acquisition of ThreatGRID.

This integration provides the latest malware threat intelligence and dynamic malware analysis capabilities, both on-premise and in the cloud, which strengthen Cisco AMP’s continuous analysis and zero-day detection capabilities.

In addition, it is introducing Incident Response Services that equip organisations with teams of information security experts who leverage threat intelligence and best practices for readiness and response from network to endpoint to cloud.

As dynamic as the modern threat landscape is, there are some constants: adversaries are committed to continually refining and developing new techniques that can evade detection and hide malicious activity.

This is evident from the 250 per cent increase in malvertising attacks cited in the Cisco 2015 Annual Security Report.

The report also shows that enterprises are in a persistent state of infection: 100 per cent of networks analysed had traffic going to websites hosting malware.

AMP is deployable across the extended network including endpoints, mobile devices, virtual systems, as well as Cisco web and email security appliances. AMP Threat Grid provides dynamic malware analytics and threat intelligence.

These advanced capabilities are provided as a standalone cloud service or via new UCS-based on-premise appliances.

AMP Threat Grid analytics engines provide security teams with breach detection against advanced malware, allowing them to quickly scope and recover from a breach by providing context-rich, actionable threat intelligence.

ADP global chief security officer, Roland Cloutier, said integration of AMP Threat Grid into its environment provides the existing security, risk, and privacy business protection technologies with automated and integrated threat intelligence, enhancing their effectiveness and enriching our overall cyber defense posture.

“This advanced threat picture enables our Critical Incident Response Centers to more rapidly analyse and mitigate potential malware,” he said.

Cisco vice-president, chief architect, security business group, Marty Roesch, said organisations were faced with advanced threats that infiltrated and persisted in company environments for months before they were discovered.

“We believe that the most effective way to address these real-world challenges is continuous threat protection against these attacks,” he said.

“Further enhancements like advanced correlation of indicators of compromise, vulnerability mapping and expanded retrospective security further differentiate Cisco AMP and strengthen security teams’ responses before, during and after an attack.”

Cisco vice-president, security solutions group, James Mobley, said attacks were occurring at an alarming rate.

“Unfortunately, many enterprises do not have cybersecurity professionals with the necessary expertise and skills to prepare for and mitigate these attacks,” he said.

“The Cisco Incident Response Services team works with businesses to address these challenges, taking an intelligence-driven approach to security, so that security blind spots can be reduced and network visibility improved.

“Armed with this insight, Cisco can significantly minimise the impact of a breach via proven readiness and response services.”