Cisco has unveiled a host of new capabilities and services that give security professionals extensive intelligence and analysis on potential compromises and solutions to protect against, respond to and recover from attacks.

The AMP Threat Grid is part of the Cisco Advanced Malware Protection (AMP) portfolio, which integrates innovation acquired through last year’s acquisition of ThreatGRID.

The integration will provide the latest malware threat intelligence and dynamic malware analysis capabilities, both on-premise and in the cloud, that strengthens Cisco AMP’s continuous analysis and zero-day detection capabilities.

In addition, Cisco is introducing Incident Response Services that equip UAE organisations with teams of information security experts that leverage threat intelligence and best practices for readiness and response from network to endpoint to cloud.

The new threat intelligence, dynamic malware analysis and retrospective security capabilities for Cisco AMP enhance protection across the attack continuum.

The AMP Threat Grid will provide dynamic malware analytics and threat intelligence.  Its analytics engines will provide security teams with breach detection against advanced malware, allowing them to quickly scope and recover from a breach by providing context-rich, actionable threat intelligence.

The solution will continuously record and analyse file activity at and after initial inspection. If a file exhibits malicious behaviour after the fact, retrospective security rolls back the tape to see the origin of a potential threat, the behaviour it exhibited, and provides built‐in response capabilities to contain and eliminate the threat.

Leveraging threat intelligence from the Cisco Talos Security Intelligence and Research Group, AMP and the expertise of the Cisco Security Solutions (CSS) team, the Incident Response Services group works with organizations to identify the source of infection, where it entered the environment, and what data was compromised.  

It will support businesses in two areas - cyber attack response and cybersecurity readiness.

Rabih Dabboussi, general manager, Cisco UAE: “Every day, organisations are faced with advanced threats that infiltrate and persist in company environments for months before they are discovered.  We believe that the most effective way to address these real-world challenges is continuous threat protection against these attacks.

“Further enhancements like advanced correlation of indicators of compromise, vulnerability mapping and expanded retrospective security further differentiate Cisco AMP and strengthen security teams’ responses before, during and after an attack. Attacks are occurring at an alarming rate.  

“Unfortunately, many enterprises do not have cybersecurity professionals with the necessary expertise and skills to prepare for and mitigate these attacks. The Cisco Incident Response Services team works with businesses to address these challenges, taking an intelligence-driven approach to security, so that security blind spots can be reduced and network visibility improved. Armed with this insight, Cisco can significantly minimise the impact of a breach via proven readiness and response services.” - TradeArabia News Service