Friday, June 1, 2018

Cisco Doubles Down on Security Innovation and Investment to Protect the Endpoint and Email | Latest News

San Francisco, Calif. RSA Conference 2018, April 16, 2018 — Employees remain an organization's greatest asset; however, they can be a risk when it comes to cybersecurity. Attackers are crafting highly targeted, fraudulent emails that look legitimate and using them to deliver malware to unsuspecting users. When successful, such an attack costs the majority of companies $500K or more in lost revenue, customers, opportunities, and out-of-pocket costs.[1] To combat the rise of advanced threats targeting employees, Cisco is announcing new email security services to protect users from these fraudulent emails, as well as new capabilities to protect employees' devices from ransomware, cryptomining, and fileless malware.
Nearly all endpoint security solutions on the market claim to block 99 percent of malware. But what about the one percent of threats that evade detection using sophisticated techniques? Cisco® Advanced Malware Protection (AMP) for Endpoints, a cloud-managed endpoint security solution, prevents attacks and helps uncover the one percent of threats that can cripple a business. Cisco is adding a number of new capabilities to AMP for Endpoints, including:
  • Sophisticated detection and protection mechanisms to stop today's threats, including ransomware and cryptomining: Cisco is now bolstering its threat protection even when a user is offline. The new AMP for Endpoints exploit prevention helps protect against fileless attacks, including those that reside solely in memory. Cisco AMP's new malicious activity protection stops ransomware execution, killing the processes and preventing propagation.
    • Cisco threat researchers analyzed ransomware variants to identify the common techniques used for encryption. The result: a new engine that continuously protects against ransomware encryption and propagation to keep businesses safe from ransomware.
    • Fileless malware has recently gained popularity in part because of the difficulty in detecting it. Built directly into the foundation of Cisco AMP is a new protection mechanism that requires no tuning or adjustments to stop these threats. It protects against unpatched software vulnerabilities and keeps working around the clock, even when users are offline. 
  • Threat investigation with Cisco Visibility, a new cloud application built into the endpoint console, which simplifies and accelerates security investigations so that security analysts can investigate incidents with confidence, quickly and at scale. It ingests, normalizes, and enriches security events and provides a visual representation of the extent of a compromise spanning from endpoints to network to cloud.
    • Cisco Visibility combines threat intelligence from Cisco Talos™ and third parties with internal security event and alert data from across an organization's security infrastructure to simplify investigations, reduce complexity, and shorten incident triage and remediation time.
    • Visibility minimizes the need to switch between multiple consoles to perform common tasks. With a few simple clicks, a user can dive deeper into the data from Talos, Cisco Umbrella Investigate™, Threat Grid, AMP, and other sources to quickly understand how observables exist in an environment and how they relate to each other.
  • Reference link: https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1921005