Stop Threats Before They Compromise Your Business

Stop Threats Before They Compromise Your Business

As threats continue to evolve in sophistication, so must enterprise security practices. Organisations are relying on a layered approach to address the advanced tactics used during the attack continuum: before, during, and after an attack. Cisco Umbrella and Cisco Advanced Malware Protection (AMP) for Endpoints provide strong layers of defence to address this continuum.

Challenges of Protecting Endpoints

An estimated 70% of breaches start on endpoints – laptops, workstations, servers, and mobile devices¹. Organisations are often blind to malware attacks and the scope of a compromise. They have limited visibility into user and endpoint activity, and lack the context to see where malware came from, where it has been, and what it’s doing. They can’t detect what they can’t see.

%

57% of organisations say that mobile devices are one of the most challenging areas to defend2

%

56% of organisations say that user behaviour is one of the most challenging areas to defend

Effective Protection for Endpoints

Working at different yet complementary layers, Umbrella prevents connections to malicious destinations and command and control callbacks at the DNS and IP layers while AMP works at the file level to prevent the initial malware execution and track file behaviour over time. Together these solutions help organisations to protect against blended threats that use both email and web, and other more sophisticated techniques.

Prevent

AMP for Endpoints

  • Blocks attacks at initial inspection by monitoring files, memory, and behaviour
  • Uses sandbox (powered by ThreatGrid) to analyse unknown files

Umbrella

  • Blocks malicious Internet requests (domain, URL, & IP) before connections are ever made

Detect

AMP for Endpoints

  • Continuously analyses all file activity to detect malicious behaviour and retrospectively alert on net new threats

Umbrella

  • Learns where attacks are staged and detects attackers infrastructure in order to proactively block threats

Respond

AMP for Endpoints

  • Shows the full history and context of a compromise
  • Provides blocking of malware with a single click

Umbrella

  • Provides rich threat intelligence on domains, IPs, and file hashes so you can triage faster.

Cisco Umbrella

Umbrella is a cloud security platform that provides the first line of defence against threats on the internet for users on or off the corporate network. Umbrella delivers complete visibility into internet activity across all locations and endpoints, and can proactively block malicious requests before a connection is established.

Cisco AMP for Endpoints

Cisco AMP for Endpoints provides point-in-time protection against known malware files and uses continuous analysis and retrospective security to detect malware that evades initial inspection. This cloud-based service uses a combination of file signatures, file reputation, behavioural indicators, built-in sandboxing technology, and global threat intelligence provided by the Talos threat research group to strengthen front-line defences, analyse unknown files, and automatically block malware trying to enter the endpoint.

It’s Time to Simplify and Strengthen Your Cybersecurity

Cisco Umbrella and Cisco AMP for Endpoints together provide the first and last line of defence to help you prevent, detect and respond to attacks before damage can be done.