Cisco releases new malware detection solutions in Kenya
Cisco announces the addition of AMP Threat Grid to the Cisco Advanced Malware Protection (AMP) portfolio, which integrates innovation acquired through last year’s acquisition of ThreatGRID. This integration provides the latest malware threat intelligence and dynamic malware analysis capabilities, both on-premise and in the cloud, that strengthen Cisco AMP’s continuous analysis and zero-day detection capabilities. In addition, Cisco is introducing Incident Response Services that equip Kenyan organizations with teams of information security experts who leverage threat intelligence and best practices for readiness and response from network to endpoint to cloud.
As dynamic as the modern threat landscape is, there are some constants: adversaries are committed to continually refining and developing new techniques that can evade detection and hide malicious activity. This is evident from the 250 percent increase in malvertising attacks cited in the Cisco 2015 Annual Security Report. Additionally, the report continues to show that enterprises are in a persistent state of infection, with 100 percent of networks analyzed having traffic going to websites hosting malware.
According to Sabrina Dar, Cisco GM, East Africa, “Every day, organizations are faced with advanced threats that infiltrate and persist in company environments for months before they are discovered. We believe that the most effective way to address these real-world challenges is continuous threat protection against these attacks. Further enhancements like advanced correlation of indicators of compromise, vulnerability mapping and expanded retrospective security further differentiate Cisco AMP and strengthen security teams’ responses before, during and after an attack.”
She also added that attacks were occurring at an alarming rate and that many enterprises lacked cybersecurity professionals with the necessary expertise and skills to prepare for and mitigate these attacks.
New threat intelligence, dynamic malware analysis and retrospective security capabilities for Cisco AMP enhance protection across the attack continuum. AMP Threat Grid provides dynamic malware analytics and threat intelligence. AMP Threat Grid analytics engines provide security teams with breach detection against advanced malware, allowing them to quickly scope and recover from a breach by providing context-rich, actionable threat intelligence.
Unique to Cisco AMP, the solution continuously records and analyzes file activity at and after initial inspection. If a file exhibits malicious behavior after the fact, retrospective security rolls back the tape to show the origin of a potential threat and the behavior it exhibited, and provides built-in response capabilities to contain and eliminate the threat.
There is a widening gap between the availability of expert security practitioners and the industry’s needs, as companies lack both funding and manpower to adequately protect assets and infrastructure. Chief Information Security Officers are increasingly looking to external experts for security guidance.
“The Cisco Incident Response Services team works with businesses to address these challenges, taking an intelligence-driven approach to security, so that security blind spots can be reduced and network visibility improved. Armed with this insight, Cisco can significantly minimize the impact of a breach via proven readiness and response services,” added Sabrina.
Leveraging threat intelligence from the Cisco Talos Security Intelligence and Research Group, AMP and the expertise of the Cisco Security Solutions (CSS) team, the Incident Response Services group works with organizations to identify the source of infection, where it entered the environment, and what data was compromised.
It will support businesses in two areas: Cyber Attack Response and Cybersecurity Readiness.
Under Cyber Attack Response, the Cisco Security Incident Response methodology will provide expedience and allow the flexibility to continuously adjust to the dynamic threat landscape. Whether it’s an insider threat, distributed denial of service, advanced malware at the endpoints or a customer data breach, the team guides an organization through identification, isolation and resolution using Assessment, Analysis and Data Mining; Forensic Image Analysis; Infected System Dynamic Instrumentation; Malware Reverse Engineering; and Exploit Analysis and Re-Implementation.
Under Cybersecurity Readiness, Cisco Incident Response will provide external expertise to assess and promote security best practices, as well as to protect corporate data and prepare for the inevitable data breach incident. Cisco Incident Response offerings span infrastructure breach preparedness assessments, security operations readiness assessments and breach communications assessments, among others.