AMP Threat Grid

April 15, 2019

SECURITY

Black Hat Asia 2019: Watch Out for the Secondary Payload

5 min read

Cisco Security was a proud technology partner in the Network Operations Center (NOC) at Black Hat Asia, providing secure and open Internet access to attendees. See what the NOC discovered.

February 20, 2019

NETWORKING

New Perspectives on Software-Defined WAN

7 min read

The integration of SD-WAN with cloud management functionality into the Cisco family of routers in 2018 excited many of our customers. So what can we look forward to as this technology enters its next phase?

February 10, 2017

SECURITY

Indicators of Compromise and where to find them

4 min read

Indicators of Compromise (“IOC”) are used to suggest a system has been affected by some form of malware. An Indicator of Compromise can be anything from a file name to the behavior observed while malware is actively running on an infected system. Where do they look? Social media, news feeds, industry reports, Threat Grid sample […]

December 19, 2016

SECURITY

To be Effective, Security Needs to Be a Force Multiplier

4 min read

Effective security is simple, open, and automated. We’ve already talked about simple and open. Now let’s talk about automated. Security admins can relate to this scenario. You just learned of an infected system in your environment of thousands of devices. How many others are affected? That’s hard to figure out even in elite operations. What […]
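The two teasers above describe the same practitioner problem from both ends: the IOC post defines an indicator as anything from a file name to an observed behavior, and the automation post asks how, given one known-infected machine, you find every other affected host. The following is an added example, not code from either post or from Threat Grid itself, showing a retrospective sweep of endpoint telemetry against a small indicator set. Every IOC value, host name, path and telemetry record in it is constructed for illustration; the behavioral rule (an Office application spawning a script host or shell) is a generic pattern chosen here, not one the posts list.

```python
"""
Retrospective IOC sweep: match endpoint telemetry against file hashes,
file names, domains, and one behavioural pattern, then report which
hosts are affected and which indicator fired on each.

All indicator values and telemetry records here are constructed for
this example; none come from a real report or a real environment.
"""
from collections import defaultdict
from dataclasses import dataclass
import ntpath


@dataclass(frozen=True)
class IocSet:
    sha256: frozenset     # lower-case hex digests
    filenames: frozenset  # lower-case basenames
    domains: frozenset    # lower-case domains; subdomains also match


# Constructed indicator set (hypothetical values).
IOCS = IocSet(
    sha256=frozenset({"0123456789abcdef" * 4}),
    filenames=frozenset({"invoice_2016.scr"}),
    domains=frozenset({"bad-c2.example"}),
)

# Generic behavioural indicator: an Office application launching a
# script host or shell, a common malicious-document pattern.
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe"}
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "powershell.exe", "cmd.exe", "mshta.exe"}


def basename(path):
    """Lower-cased basename; ntpath accepts both '\\' and '/' separators."""
    return ntpath.basename(path).lower()


def domain_matches(name, domains):
    """Exact or subdomain match; 'notbad-c2.example' must not match 'bad-c2.example'."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in domains)


def match_event(event, iocs=IOCS):
    """Return the list of indicator labels a single telemetry event triggers."""
    hits = []
    kind = event["type"]
    if kind == "file":
        digest = event.get("sha256", "").lower()
        if digest in iocs.sha256:
            hits.append("hash:" + digest[:12])
        name = basename(event["path"])
        if name in iocs.filenames:
            hits.append("filename:" + name)
    elif kind == "dns":
        if domain_matches(event["query"], iocs.domains):
            hits.append("domain:" + event["query"].lower().rstrip("."))
    elif kind == "process":
        parent, child = basename(event["parent"]), basename(event["image"])
        if parent in OFFICE_APPS and child in SCRIPT_HOSTS:
            hits.append(f"behavior:office_spawns_script_host:{parent}->{child}")
    return hits


def sweep(events, iocs=IOCS):
    """Map each host with at least one hit to its sorted list of indicators."""
    hosts = defaultdict(set)
    for ev in events:
        for hit in match_event(ev, iocs):
            hosts[ev["host"]].add(hit)
    return {h: sorted(v) for h, v in hosts.items()}


def affected_hosts(events, iocs=IOCS):
    """The answer to 'how many others are affected?': sorted host names."""
    return sorted(sweep(events, iocs))


# Constructed telemetry from five hosts (not real logs).
TELEMETRY = [
    {"host": "ws-01", "type": "file", "path": r"C:\Users\a\Downloads\report.pdf", "sha256": "ab" * 32},
    {"host": "ws-01", "type": "file", "path": r"C:\Users\a\AppData\Local\Temp\svc.exe", "sha256": "0123456789abcdef" * 4},
    {"host": "ws-02", "type": "dns", "query": "cdn.bad-c2.example"},
    {"host": "ws-02", "type": "dns", "query": "update.example.org"},
    {"host": "ws-03", "type": "process", "parent": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"host": "ws-04", "type": "process", "parent": r"C:\Windows\explorer.exe", "image": r"C:\Windows\System32\cmd.exe"},
    {"host": "ws-04", "type": "dns", "query": "notbad-c2.example"},  # suffix look-alike, must not match
    {"host": "ws-05", "type": "file", "path": "/home/b/Invoice_2016.SCR", "sha256": "cd" * 32},
]

if __name__ == "__main__":
    for host, hits in sorted(sweep(TELEMETRY).items()):
        print(host, hits)
```

Run as-is it reports ws-01, ws-02, ws-03 and ws-05 with one indicator each and leaves ws-04 out; the look-alike domain and the benign explorer.exe → cmd.exe chain are there to show why suffix matching and parent/child checks need to be exact rather than substring-based.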

September 19, 2016

SECURITY

Cognitive Threat Analytics: Turn Your Proxy Into Security Device

8 min read

This post was authored by Veronica Valeros, Petr Somol, Martin Rehak and Martin Grill, on behalf of the whole CTA team. Some of us still intuitively believe that our extensively...

September 13, 2016

SECURITY

H1N1: Technical analysis reveals new capabilities

7 min read

This blog is the first in a 3-part series that will provide an in-depth technical analysis on the H1N1 malware. I’ll be looking at how H1N1 has evolved, its obfuscation, analyzing its execution including new information-stealing and User Account Control bypass capabilities, and finally exploring how we are both using and influencing security tools […]

August 17, 2016

SECURITY

CryptXXX Technical Deep Dive

10 min read

Introduction: In our previous post we discussed the AMP ThreatGrid Research and Efficacy Team’s continuous support for ransomware attack vectors, generic behavior detection of undiscovered variants, and the creation of behavioral indicators once new variants are identified. In this post we’ll be discussing one of the more prevalent variants to surface in the wake […]

August 8, 2016

SECURITY

The General Behavior of Ransomware

5 min read

This is the first in a series of blogs about advanced malware. Behavioral Indicators Morph Over Time: A large part of Threat Grid’s efficacy in determining the nature of a submitted file is through the use of over 675 indicators to identify malware. The initial indicators created for AMP Threat Grid sought to identify strictly […]

November 9, 2015

SECURITY

Pushing Security from Edge to Endpoint

3 min read

On November 3rd, Cisco announced that we are extending our Security Everywhere strategy with new solutions and services aimed at helping our customers gain greater visibility, context, and control from the cloud to the network to the endpoint. Providing organizations more visibility means being able to see all their systems, not just Windows but Mac, […]