April 10, 2014 (Thu): Cisco today announced that its Advanced Malware Protection (AMP), originally developed by Sourcefire®, was ranked among the top solutions in NSS Labs’ latest Security Value Map (SVM) for Breach Detection Systems (BDS), earning a “Recommended” rating. NSS Labs measured AMP’s effectiveness and TCO per protected Mbps, finding that the solution delivered top protection faster than all other vendors – far outpacing competitive solutions. The results of NSS Labs’ rigorous testing further validates Cisco’s continuous approach to defending customers against advanced threats from the cloud to the network to the endpoint and across the attack continuum – before, during and after an attack.
Given today’s threat landscape, “point-in-time” technologies, such as sandboxes or antivirus, are only one part of a required solution since advanced malware can evade these defenses. Advanced Malware Protection is the only solution that goes beyond point-in-time detection to offer continuous analysis, retrospective security, and multi-source Indicators of Compromise (IoC). Retrospective security specifically provides the ability to “go back in time” and identify, contain and then remediate malware that initially evades defenses, filling an important gap existing in point-in-time products. Combined, this makes AMP the best value in the market today with industry leading total-cost-of-ownership (TCO)/protected Mbps.
Based on the NSS Labs tests, AMP was the leader in numerous categories. AMP not only scored a 99% overall breach detection rating, but was the leader in lowest cost-of-ownership – besting multiple competitors in both categories. In addition:
- AMP detected 100% of exploits in testing, demonstrating its leadership in identifying the malicious software used to breach and compromise systems.
- AMP detected 99% of Web-based malware delivered via browsers and 98% of malware using e-mail to enter organizations.
- AMP detected malware employing every evasion technique tested, such as code designed to defeat sandbox and virtual machine based analysis and detection
- AMP delivered faster time to detection than all other vendors.
“With the rapid innovation in the security market, especially with so many technologies claiming to address zero day and targeted attacks, it’s easy for security practitioners to be overwhelmed with options and inflated marketing claims,” said Vikram Phatak, CEO of NSS Labs. “Our Breach Detection Systems reports will provide these practitioners with objective, empirical data to make educated purchasing decisions based on real-world scenarios. Based on these reports, Advanced Malware Protection from Cisco should be on everyone’s short list.”
Christopher Young, senior vice president, Cisco Security Business Group, said: “ Cisco is taking a leadership position in delivering end-to-end protection for our customers, including against advanced threats. The innovation in Advanced Malware Protection, from Sourcefire, is a critical component of our strategy. This report validates our ability to quickly detect and defeat advanced persistent threats and zero day attacks. With the lowest TCO of all tested solutions, Cisco provides users with confidence that they are protected from the vast majority of attacks with defenses that are persistent, agile and highly cost-effective.”
Advanced Malware Protection utilizes the vast cloud security intelligence networks of both Cisco and Sourcefire (now part of Cisco). Like the attacks it is designed to protect against, AMP evolves to provide continuous monitoring and analysis across the extended network and throughout the full attack continuum – before, during and after an attack.