It has always been best practice to have Anti-Virus (AV) on your machine although, historically, AV has been resource hungry and often a day late and a dollar short on protection. As new threats emerge, it can take weeks for a fix to be engineered, tested, and then pushed out to clients. During this time, you are vulnerable and there isn’t much you can do about it other than educate your users and pray.
Cisco’s AMP for Endpoints product has been around for quite some time and has proven itself a valuable product at detecting and mitigating threats. The problem with AMP for endpoints has always been the fact that even Cisco would admit you should keep your current AV in place. This has made it difficult for companies to justify having two security products.
Luckily, this is no longer an issue. Recently, Cisco has confirmed that AMP for Endpoints can fully replace your current AV program. AMP collects data from billions of sensors from all over the world and uses this information to protect the devices you have protected with AMP. This provides some of the best day-zero attack preventions seen to date.
That’s great and all, but what about files that haven’t been detected? Let’s assume you download a file today that AMP sees as safe and then 3 weeks later, an AMP sensor on the other side of the world determines that that same file you downloaded is malicious. Within minutes the cloud receives the update and so does your client. Once you receive the update, which could be only a matter of minutes, AMP will discover that you downloaded that file 3 weeks ago and it can automatically quarantine the item before it delivers a payload. Using the same information, you can then look at the file trajectory and see where the file went from there.
Can your anti-virus do that? Reach out to us today to learn more, 800-610-1858!