Know your gear
Cisco Advanced Malware Protection (AMP) for Endpoint offers the only advanced malware protection system that covers the entire attack continuum - before, during, and after an attack. It provides the continuous analysis and advanced analytics that support Cisco's retrospective security capabilities. Retrospective security is the ability to look back in time and trace processes, file activities, and communications to understand the full extent of an infection, establish the root cause, and perform remediation. The need for retrospective security arises when any indication of a compromise occurs, such as an event trigger, a change in the disposition of a file, or an indication of compromise (IoC) trigger. Retrospective security lets managers go back in time to investigate threats in their systems. Tools such as retrospection, attack-chain correlation, behavioral IoCs, trajectory, and breach hunting allow security professionals to establish scope, visibility, and control in the event of a breach. This capability helps your security team to quickly and effectively remediate all the threats in your environment before it's too late.