Cisco AMP Threat Grid 5004 Appliance Information Guide
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Results
From the infrastructure perspective, the scalability of Cisco AMP Threat Grid is ideal for CIS, as are the advanced
malware analysis capabilities and threat intelligence feeds. “When we submit malware, we get timely and accurate
results,” says Baykal. “Plus, the threat intelligence feeds give us access to millions of malware samples and their
indicators, which helps us to correlate and analyze malware samples from around the globe and build a complete
threat picture.”
The MCAP front end is helpful to constituents as well. “When people use MCAP, they can submit information about
malware, such as what kind of assistance—onsite or a phone call—they need, through a series of pull-down
menus,” says Baykal. “After a submission, usually within minutes, they get their analysis results of the malware
behavior. They’ll have an idea of the scope of the issue and all the indicators that they need to develop a reliable
and accurate remediation recommendation.” For instance, network indicators most likely are shared with an entity’s
network group to take precautionary measures at their perimeter firewalls or core routers to block specific IP
addresses or domains.
With the breadth and depth of Threat Grid, CIS can see a more global threat picture. From there, CIS can decide
on the appropriate actions, such as sending an advisory out to all its members with the malware indicators, so the
entities can be more proactive with their defenses. And when government organizations need more guidance, CIS
provides that, too, helping entities understand what they are dealing with, such as what a specific threat actor does,
how it moves around, and what response is needed. If necessary, CIS can deploy a team onsite and help them
with the incident response process.
“The transparency of the solution’s operation, the communication, and the uptime—which is critical—all confirm for
us that we’re dealing with a partner that we can trust,” concludes Baykal. “We know we can rely on Cisco and that
our members can rely on us.”
For More Information
To learn more about Cisco AMP Threat Grid, go to www.cisco.com/go/amptg, or view the CIS video case study.
Printed in USA
C36-735041-00 06/15