Cisco has announced the release of new email security services that provide better protection from phishing and spoofing attacks, while increasing the level of protection against malware, ransomware, cryptojacking, and fileless malware attacks.
Virtually all endpoint security solutions block more than 99% of malware. The new updates are concerned with blocking some of the 1% of malware which are often not detected by security solutions.
To protect against email impersonation attacks, Cisco has signed an OEM agreement with Agari and is using the Domain-Based Message Authentication, Reporting, and Conformance (DMARC) authentication standard to provide real-time protection against emails sent by users not authorized to use a particular domain.
Cisco notes that recently the U.S. Department of Homeland Security has made it mandatory for all federal agencies to implement DMARC to protect their .gov email domains from spoofing, and suggests that many organizations are likely to be required to use DMARC in the future for compliance.
Advanced Phishing Protection is a new service that uses machine learning to block advanced identity deception attacks, assessing both the authenticity and reputation of senders. This additional control provides greater protection against business email compromise (BEC) attacks.
Cisco has also added new capabilities to its cloud-managed security solution, Advanced Malware Protection (AMP) for Endpoints. A new engine has now been installed to detect and block ransomware and a new protection mechanism introduced to block fileless malware attacks.
A new cloud application – Cisco Visibility – has also been built into the endpoint console that simplifies security investigations to help IT security teams investigate security incidents much more rapidly. The system offers a visual representation of the extent of a compromise across endpoints, the network, and the cloud. The solution incorporates threat intelligence from Cisco Talos and third-party sources.
Cisco has also announced that its relationship with ConnectWise has also been expanded to ensure managed service providers can offer Cisco Security to their customers. Cisco AMP for Endpoints, Cisco Stealthwatch Cloud, Cisco Umbrella, Cisco Adaptive Security Appliances, Cisco Meraki MX appliances, and the Cisco Next-Generation Firewall can be delivered by MSPs via a new ConnectWise Advanced Security Dashboard. The new dashboard will be launched on April 19, 2018.