Cisco’s enterprise Relevant Products/Services security offerings with a new endpoint security tool is swelling up. As a part of its annual Cisco Partner Summit taking place in San Francisco this week the company launched Cisco AMP for Endpoints. 

This new tool intends to put together prevention, detection and response into one platform that uses a bolder approach towards security while compared with a prevention-only strategy.

“By leveraging the scale and power of the cloud and Cisco’s threat-centric security architecture, AMP for Endpoints (pictured above) allows customers to see and stop more threats, faster,” the company said in a statement.

A fresh Approach to Endpoint Security

The company was satirical of other tools which adopt a prevention-only strategy, arguing that taking a relatively reluctant attitude towards security was unfitting given the current scenario of cyber threats. This is partially because of an over depending on legacy tools that may have been quick fixed with extra upgrades eventually but are still not the best fit to protect modern network infrastructure yet add to the complications of security solutions. 

“With the fact that it takes enterprises, on average, over 100 days to detect a threat in their own environment, it is clear that organizations need a new approach to endpoint security,” the company stated.

“AMP for Endpoints will provide enterprises with a simpler and more effective solution for endpoint security by combining prevention, detection and response in one SaaS-deployed, cloud-managed solution, according to Cisco. The new tool reduces complexity by combining multiple capabilities into a single platform”, the company stated.

More Effective Responses

To boost the prevention capabilities of AMP for Endpoints, Cisco is giving the tool access to global threat intelligence from Talos, its in-house cybersecurity intelligence organization. It will also include built-in sandboxing technology to quarantine and analyze unknown files, the company stated.

AMP will also offer greater visibility and faster detection through continuous monitoring and shared analytics to detect stealth attacks, according to Cisco. AMP for Endpoints will record all file activity to monitor and detect malicious behaviour, which it can then use to alert security teams. The platform shares and correlates threat information in real time, which should help reduce time to detection to minutes, the company said.

In addition, Cisco said AMP will offer enterprises a more effective response, thanks to the platform’s deep visibility and a detailed recorded history of the behaviour of malware over time, including details such as where it came from, where it has been, and what it has been doing.

AMP for Endpoints accelerates investigations and reduces complexity through a cloud-based user interface that searches across all enterprise endpoints for Indicators of compromise, Cisco said. Users can then systemically respond to attacks across PCs, Macs, Linux and mobile devices, removing malware with a few clicks.

“Today’s AMP for Endpoints launch is a critical milestone,” said Scott Harrell, vice president, product management, security business, Cisco Systems, in the statement. “Customers now have the opportunity to simplify their endpoint security strategy, securing mobile users, servers and desktops by leveraging Cisco’s threat-centric security architecture.”