In the hyper-competitive world of endpoints security, proof of efficacy is the only real impartial way to valuably differentiate. However, public testing for next generation endpoint security solutions such as Cisco Advanced Malware Protection (AMP) for Endpoints has been lacking. Endpoint security tests have traditionally evaluated the efficacy of anti-virus. Since AMP uses more than 14 detection and protection mechanisms in addition to anti-virus, general testing was not viable and most organizations opted to conduct their own tests.

Until now. On the cusp of the latest NSS Labs testing results for Advanced Endpoint Protection (AEP) Cisco AMP for Endpoints, participating for the first time, earned an NSS “recommended” result, ranking high for its efficacy and lowest Total Cost of Ownership (TCO).

NSS Labs has continually been evolving their AEP testing methodology to adapt to the ever-changing endpoint security market. As threats change, what was important in the past may not be important today. NSS Labs only gave a “recommended” rating to vendors who shows superior efficacy with low cost of ownership.

NSS Labs tested efficacy through traditional and non-traditional attacks while also monitoring against False Positive detections. Scores were assigned based on how effective solutions were at protecting against both common and new threats.

Cisco AMP for Endpoints employs multiple detection mechanisms to ensure maximum coverage at the entry point, including traditional AV signatures as well as memory-based protection for fileless malware. In addition, to combat the latest in malware Cisco AMP for Endpoints employs a powerful dynamic analysis engine and built in sandbox with the integration of Threat Grid. This takes new, never before seen files, and thoroughly runs them through a sandbox environment to analyze file behavior and catch new malware. In addition, our latest engine, Malicious Activity Protection, is built to catch malware as it runs on the endpoint, to completely close the gap and protect endpoints live. It continuously monitors file and user behavior on endpoints to detect suspicious activity. For example, if a user downloads a Word document with macros, and that file begins to make power shell commands or delete shadow copies, AMP will kill the process, prevent encryption, and provide an alert about potential ransomware.

Not only does NSS Labs test efficacy of products but rates them against total cost of ownership. Implementing Advanced Endpoint Protection products can be expensive to procure and all factors, including deployment and maintenance factors that need to be considered when choosing the right endpoint protection solution.

Cisco AMP for Endpoints, while high in efficacy, also came in with a low cost of ownership. This means keeping your endpoint secure with the latest and greatest security won’t break the bank.

To sum up, in its debut, security efficacy test, Cisco AMP for Endpoints achieved low TCO and 94.7 security effectiveness. Whether you’re already an AMP customer or looking for the best in endpoint security you can be confident Cisco AMP for endpoints is the right choice.

Get started with your own 30 day free trial of AMP for Endpoints today.


Neil Patel

Technical Product Marketing Manager

Advanced Threat Solutions Portfolio