AMP for Endpoints
Be in the Know! All things Security at Cisco Live US
Cisco Live San Diego is in full swing! There is a lot going on throughout the week and Cisco Security is showing up in a big way. Whether you’re in person or not, some exciting announcements came out during the week and I want to make sure you are in the know about all things security. Check…
Staying Ahead of ‘Andromeda-Style’ Threats in Your Environment
Why rapid attack containment and a short remediation cycle matter. When a new threat gets in the environment, a security incident could unfold very quickly. Detecting the compromise and taking control of the infected endpoint fast is not only critical to preventing the spread of the threat, it is als…
Incident response: Putting all the R’s in IR
It is well established that the ‘R’ in IR stands for “Response.” But given the challenges facing incident response teams today, IR could just as well stand for “It’s Rough.” The landscape is challenging, tools are multiplying, and the talent shortage seems insurmountable. First of all, according to…
Three New Integrations for AMP for Endpoints with IBM Security
IBM and Cisco Security continue to work together to deliver advanced integrations, resulting in improved network visibility and faster threat detection and response. We recently released two new integrations with Cisco AMP for Endpoints (AMP4EP) for IBM QRadar Security Intelligence Platform and for…
Threat Hunting for the Holidays
How to stop the ‘Grinch’ from breaking your endpoint defenses. You’re gearing up for the holidays. But then your phone rings – it’s your manager. He just heard the news that another malware strain is on the loose. Just like the Grinch, it is a ‘mean one,’ posing a vicious threat to the security of co…
Defeating Polymorphic Malware with Cognitive Intelligence. Part 3: Static Analysis
Nowadays, everyone likes to talk about the use of machine learning in cybersecurity. Almost every security vendor leverages machine learning in one form or another. Organizations employ security teams with data analysis skills to automate threat hunts. But what does it really take to build a scalabl…
Empowering Defenders: AMP Unity and Cisco Threat Response
Defenders have a lot of work to do, and many challenges to overcome. While conducting the Cisco 2018 Security Capabilities Benchmark Study, where we touched more than 3600 customers across 26 countries, these assumptions were confirmed. We have seen that defenders are struggling with the orchestrati…
Defeating Polymorphic Malware with Cognitive Intelligence. Part 2: Command Line Argument Clustering
Co-authored with: Jan Jusko, Harry Nayyar, and Danila Khikhlukha. Adversaries continue to evolve their techniques to evade detection. Static analysis approaches are prone to evasion using malicious packers, code obfuscation, and polymorphism. That means that the vast majority of malware is unique to…
How Alliances Strengthen Your Cybersecurity Defenses
When we started the Cisco Security Technology Alliance (CSTA) a few years ago, we didn’t envisage it growing into such a large ecosystem of technology spanning the breadth of our Cisco Security portfolio in such a short span of time. But security is most effective when it works as an integrated syst…