Solution Briefs

Umbrella + AMP for Endpoints

Issue link: https://learn-umbrella.cisco.com/i/891757

Contents of this Issue

Navigation

Page 0 of 1

Solution brief Cisco Umbrella Protect your users and devices with Cisco Umbrella and Cisco AMP for Endpoints © 2019 Cisco and/or its affiliates. All rights reserved. Challenges of protecting endpoints An estimated 70% of breaches start on endpoints - laptops, workstations, servers, and mobile devices 1 . Why do endpoints continue to be the primary point of entry for attacks? Needs of an organization Organizations need deep visibility into where their users are trying to connect on the Internet and the ability to stop malicious behavior across their devices. Effective protection for endpoints Cisco Umbrella and Cisco AMP for Endpoints together provide the first and last line of defense to help you prevent, detect and respond to attacks before damage can be done. Prevent Detect Respond AMP for Endpoints • Blocks attacks at initial inspection monitoring files, memory, and behavior • Uses sandbox (powered by ThreatGrid) to analyze unknown files Umbrella • Blocks malicious Internet requests (domain, URL, & IP) before connections are ever made AMP for Endpoints • Continuously analyzes all file activity to detect malicious behavior and retrospectively alert on net new threats Umbrella • Learns where attacks are staged and detects attackers infrastructure in order to proactively block threats AMP for Endpoints • Shows the full history and context of acompromise • Provides blocking of malware with a single click Umbrella • Provides rich threat intelligence on domains, IPs, and file hashes so you can triage faster. Gaps in protection When users and endpoints are off-network, preventative tools like antivirus are often the only protection available. This is not enough when it comes to today's advanced threats. Gaps in visibility Organizations are often blind to malware attacks and the scope of a compromise. They have limited visibility into user and endpoint activity, and lack the context to see where malware came from, where it has been, and what it's doing. They can't detect what they can't see. User error An attacker sends out a phishing email with a malicious attachment or link. Despite training or countless warnings, it's inevitable, users are going to open or click things that they shouldn't. 57% of organizations say that mobile devices are one of the most challenges areas to defend 2 56% of organizations say that user behavior is one of the most challenges areas to defend 2 197 days Industry average detection time for a breach 69 days Industry average time to contain a breach 3

Articles in this issue

view archives of Solution Briefs - Umbrella + AMP for Endpoints