Cisco Cisco AMP Threat Grid 5000 Appliance Information Guide
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 1 of 3
Customer Case Study
EXECUTIVE SUMMARY
CENTER FOR INTERNET SECURITY
● Security
● Albany, New York
● Albany, New York
CHALLENGE
● Resolve malware incidents for member
organizations
● Automate malware analysis for prompt,
accurate response
● Scale easily with increased incidents
SOLUTION
● A scalable infrastructure for analyzing
thousands of malware samples
● An easy-to-use API for automated malware
submission and resolution
● Threat intelligence feeds for real-time analysis
of potential threats
BUSINESS RESULTS
● Cost-effective, automated malware analysis
● Context-rich threat content for timely and
● Context-rich threat content for timely and
accurate action
● Deeper insights for proactive malware
defense
Nonprofit Security Firm Helps 19,000 Members
Automate Malware Analysis
Center for Internet Security deploys Cisco
®
advanced malware security to accelerate
response time to malicious attacks on U.S. government entities.
Challenge
The Center for Internet Security (CIS) is a nonprofit organization that
helps public and private sector entities improve their cybersecurity.
CIS is also home to the Multi-State Information Sharing and Analysis
Center (MS-ISAC), a program designated by the U.S. Department of
Homeland Security as a key cybersecurity resource for state, local,
tribal, and territorial (SLTT) governments. The MS-ISAC includes
members from all U.S. state governments, as well as U.S territories
and tribal entities, along with hundreds of local governments.
helps public and private sector entities improve their cybersecurity.
CIS is also home to the Multi-State Information Sharing and Analysis
Center (MS-ISAC), a program designated by the U.S. Department of
Homeland Security as a key cybersecurity resource for state, local,
tribal, and territorial (SLTT) governments. The MS-ISAC includes
members from all U.S. state governments, as well as U.S territories
and tribal entities, along with hundreds of local governments.
Member or not, any SLTT government organization can take
advantage of MS-ISAC cybersecurity assistance through its 24/7
operations center, which provides services such as managed
security, incident response, malware analysis, and computer
forensics.
advantage of MS-ISAC cybersecurity assistance through its 24/7
operations center, which provides services such as managed
security, incident response, malware analysis, and computer
forensics.
Due to an ever-increasing number of malware attacks, CIS realized it
needed a more scalable solution with a larger infrastructure and
automated malware analysis for its MS-ISAC services. “There are
millions of malware samples released into the public domain daily,
and that number is increasing,” says Adnan Baykal, CIS vice
needed a more scalable solution with a larger infrastructure and
automated malware analysis for its MS-ISAC services. “There are
millions of malware samples released into the public domain daily,
and that number is increasing,” says Adnan Baykal, CIS vice
president of security services. “In addition, the number of nation-state actor attacks is also growing, increasing our
need for automated malware analysis in a trusted environment.”
need for automated malware analysis in a trusted environment.”
CIS initially considered building an in-house infrastructure, but after further investigation determined it would be a
cost-prohibitive approach for a nonprofit organization with limited resources. CIS began a search for a solution with
an infrastructure that could manage a small volume initially, and then scale to handle thousands of malware
submissions as needed. “At first we looked at many open-sourced solutions, but they didn’t offer the scalability we
wanted,” says Baykal. “Plus, open source solutions are in the public domain, where the attackers are lurking. If
they discovered our investigations, they could change their TTPs, or tools, tactics, and procedures, and make
resolving the issues more challenging.”
cost-prohibitive approach for a nonprofit organization with limited resources. CIS began a search for a solution with
an infrastructure that could manage a small volume initially, and then scale to handle thousands of malware
submissions as needed. “At first we looked at many open-sourced solutions, but they didn’t offer the scalability we
wanted,” says Baykal. “Plus, open source solutions are in the public domain, where the attackers are lurking. If
they discovered our investigations, they could change their TTPs, or tools, tactics, and procedures, and make
resolving the issues more challenging.”