Solution Briefs

Umbrella + AMP for Endpoints

Issue link: https://learn-umbrella.cisco.com/i/891757


Solution brief: Cisco Umbrella

© 2017 Cisco and/or its affiliates. All rights reserved. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

AMP for Endpoints

AMP for Endpoints is a cloud-managed endpoint security solution that prevents cyberattacks and rapidly detects, contains, and remediates malicious files on the endpoints.

AMP for Endpoints uses:
• continuous analysis of file behavior
• retrospective detection
• antivirus inspection engine
• static and dynamic file analysis (sandboxing via Threat Grid)
• machine learning
• vulnerability monitoring
• exploit and memory protection

Feature spotlight:
• Proactive Blocking - AMP for Endpoints uses a combination of file reputation, behavioral indicators, sandboxing technology, and global threat intelligence provided by the Talos Security Intelligence Group to analyze unknown files and automatically block malware from trying to run on endpoints.
• Continuous analysis and retrospective security - Advanced malware can evade front-line defenses and infiltrate an endpoint. AMP for Endpoints has you covered. It continuously monitors and records all file activity on endpoints to quickly spot malicious behavior. AMP then shows the complete recorded history of the malware's behavior over time: where the malware came from, where it's been and what it's doing. This enables you to retrospectively detect and remediate threats before damage can be done.
Umbrella

Umbrella is a cloud security platform that provides the first line of defense against threats on the internet for users on or off the corporate network. Umbrella delivers complete visibility into internet activity across all locations and endpoints, and can proactively block malicious requests before a connection is established.

Umbrella helps organizations:
• Stop attacks earlier
• Identify already infected devices faster
• Prevent data exfiltration

Feature spotlight:
• Intelligence - Umbrella is built on a global network that resolves over 175 billion DNS (Domain Name System) requests every day, and derives intelligence directly from that data. Using a combination of machine learning and human intelligence, the data is analyzed to identify patterns, detect anomalies, and create statistical models to automatically uncover current attacks and attacker infrastructure being staged for the next threat.
• Intelligent proxy - The Umbrella intelligent proxy provides customers more granular protection. If Umbrella receives a request for a domain that is neither known good nor bad, it is routed to the proxy for deeper inspection. Umbrella uses a combination of Cisco Talos, Cisco web reputation systems, and partner feeds to block millions of malicious URLs. Umbrella provides file inspection using an AV engine and Cisco AMP.

"Without Umbrella and AMP for Endpoints, detection and recovery would literally have cost us months of work and frustration."
Tony Hynes, Director of IT Security, Axcess Financial

"We have much greater confidence in the security of our endpoints with Cisco Umbrella combined with Cisco AMP. We have had zero malware infections since our implementation 3 years ago."
Engineer, Medium Enterprise Financial Services Company
