If you can do that in a secure sandbox environment, that's an invaluable feature. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."

"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open.

"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."

"The most valuable feature is signature-based malware detection."

"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer.