indicators of compromise

September 29, 2018

SECURITY

Defeating Polymorphic Malware with Cognitive Intelligence. Part 2: Command Line Argument Clustering

7 min read

The Command Line Argument Clustering algorithm is an innovative weapon that helps security analysts uncover evasive malware and morphing threats in their environments.

February 13, 2017

SECURITY

Staying Ahead of the Hack: Operationalizing Threat Intelligence to Strengthen Defenses

3 min read

Many pieces of forensic evidence come into play when investigating a crime scene – analysis of fingerprints, DNA, shoe prints, videos/photos, ballistics, etc. By analyzing the data, a picture of...

February 16, 2015

SECURITY

Moving from Indicators of Compromise to Actionable Content – Fast

3 min read

Advanced threats are continuously evolving and so must our ability to detect, understand, and stop them. Indicators of Compromise are vital to this process. At Cisco, our approach to developing Indicators of Compromise and interpreting them is continuously evolving to empower you with the best intelligence to thwart stealthy attacks. Not only the Indicators themselves, […]

February 9, 2015

SECURITY

How AMP Threat Grid Accelerates Incident Response with Artifacts, Content, and Correlation

2 min read

As a result of Cisco’s acquisition last May, ThreatGRID is now part of the Cisco Advanced Malware Protection (AMP) portfolio as AMP Threat Grid. The acquisition expands Cisco AMP capabilities in the areas of dynamic analysis and threat intelligence technology, both on-premise and in the cloud. AMP Threat Grid extends Cisco AMP with even greater […]

September 17, 2014

SECURITY

A Visibility-Driven Approach to Next-Generation Firewalls

3 min read

Cisco ASA with FirePOWER Services has redefined the next-generation firewall (NGFW) as an adaptive, threat-focused platform, delivering superior, multi-layered protection, unparalleled visibility, and reduced security costs and complexity. This...

July 9, 2014

SECURITY

A New Model to Protect the Endpoint, Part 3: Automated Advanced Analytics

2 min read

In my final post in this series, I wanted to focus on another powerful innovation made possible by combining a big data architecture and a continuous approach for more effective protection: automated, advanced analytics. Today’s advanced malware compromises environments from an array of attack vectors, takes endless form factors, launches attacks over time, and can […]