Protect your endpoints with Cisco AMP for Endpoints and Cisco Umbrella

An estimated 70% of breaches start on endpoints - laptops, workstations, servers, and mobile devices. Why do endpoints continue to be the primary point of entry for attacks?

GAPS IN PROTECTION

When users and endpoints are off-network, preventive tools like anti-virus are often the only protection. With today’s sophisticated threats, that is not enough.

GAPS IN VISIBILITY

Organizations are often blind to malware attacks and the scope of a compromise. they have limited visiblity into user and endpoint activity, and lack the context to see where malware came from, where it has been, and what it’s doing. they can’t detect what they can’t see.

USER ERROR

An attacker sends out a phishing email with a malicious attachment or link. Despite training or countless warnings, it’s inevitable that users are going to open or click things they shouldn’t.

NEEDS OF AN ORGANIZATION

Organizations need deep visibility into what files and users are doing on the endpoint itself, and where that endpoint is trying to connect to on the internet—plus the control to stop malicious behavior.

EFFECTIVE PROTECTION FOR ENDPOINTS

Cisco AMP for Endpoints and Cisco Umbrella are two security solutions that work in harmony to provide the visibility, context, and control needed to prevent, detect and respond to attacks targeting endpoints, before damage can be done.

PREVENT

AMP for Endpoints

  • Blocks known threats at initial inspection
  • Uses Sandbox to analyze unknown files

Umbrella

  • Blocks Malicious internet requests (domain, URL, & IP) regardless of delivery mechanism (email, web drive-by, etc)

DETECT

AMP for Endpoints

  • Continuously analyzes all file activity on endpoints to quickly detect malicious behaviour and retrospectively alert security teams

Umbrella

  • Prevents command and control (C2) callbacks to attacker’s servers to stop data file exfiltration and execution of ransomware encryption

RESPOND

AMP for Endpoints

  • Show full history and context of a compromise
  • Can stop attacks via outbreak control capabilities and quarantining files

Umbrella Investigate

  • Provides up-to-the minute threat data and historical context about domains, IPs, and file hashes for faster investigation

AMP FOR ENDPOINTS

AMP for Endpoints is a cloud-managed endpoint security solution that prevents cyberattacks and rapidly detects, contains, and remediates malicious files on the endpoints.

AMP FOR ENDPOINTS USES

  • continuous analysis of file behavior
  • retrospective detection
  • antivirus inspection engine
  • static and dynanic file analysis (sandboxing via Threat Grid)
  • machine learning
  • vulnerability monitoring
  • exploit and memory protection

UMBRELLA

Umbrella is a cloud security platform that provides the first line of defense against threats on the internet for users on or off the corporate network. Umbrella delivers complete visibility into internet activity across all locations and endpoints, and can proactively block malicious requests before a connection is established.

Umbrella helps organizations:

  • stop attacks earlier
  • identify already infected devices faster
  • prevent data exfiltration