How does AMP work?
Cisco offers an Advanced Malware Protection (AMP) system that covers the entire attack continuum — before, during, and after an attack. AMP works by using multiple detection capabilities combined with continuous analysis and advanced analytics that support Cisco’s retrospective security and enable managers to review previous and current threats in their system.
This combination provides detection capabilities that go beyond traditional point-in-time detection, allowing AMP for endpoints to also retrospectively detect files that become malicious after the initial point of entry.
Cisco AMP Key Features
AMP informs users of infected files in the malware determination changes after initial analysis. The solution captures, analyses, and correlates activity to provide security personnel with automated analysis and risk privatisation.