Cisco Threat Grid M5 - Security appliance - 2 ports - 1GbE - 1U - rack-mountable
- Glovebox
- On-premises appliance
- Advanced analytics
- Advanced behavioral indicators
- Threat score
- Remote updates
- API for integration
A Threat Grid appliance delivers on-premises advanced malware analysis with deep threat analytics and content. Organizations with compliance and policy restrictions can analyze malware locally by submitting samples to the appliance. With a Threat Grid appliance you can analyze all samples using proprietary and highly secure static and dynamic analysis techniques. It correlates the results based on behavioral indicators derived from the historical and global context of hundreds of millions of other analyzed malware artifacts to provide a comprehensive view of malware attacks, campaigns, and their distribution. This ability helps you effectively defend against both targeted attacks and threats from advanced malware. Threat Grid's detailed reports, including the identification of important behavioral indicators and the assignment of threat scores, let you quickly prioritize and recover from advanced attacks.
- Glovebox
Glovebox is a user interaction tool that provides a safe environment to dissect malware without the risk of infecting your network. It is built into the appliance, and analysts can interact with the sample while it is being analyzed, including opening applications, clicking through dialogue boxes, and even rebooting the virtual machine if needed.
- On-premises appliance
Provides safe and highly secure on-premises static and dynamic malware analysis to maintain the confidentiality of data. Easily integrates with existing security infrastructure. Provides safe on-premises storage of malware analysis results.
- Advanced analytics
Delivers comprehensive security insight into malware behavior and direct links to the sample source and associated behavior in Threat Grid's extensive database. Provides easy access to all information and analysis results for further investigation.
- Advanced behavioral indicators
Analyzes more than 1000 highly accurate and actionable advanced behavioral indicators with few false positives. Produces comprehensive indicators through advanced static and dynamic analysis encompassing numerous malware families and malicious behaviors. Delivers the broadest context around threats and helps you make quick and confident decisions.
- Threat score
Automatically derives threat scores from proprietary analysis and algorithms that consider the confidence and severity of observed actions, historical data, frequency, and clustering of indicators and samples. Prioritizes threats with confidence to reflect each sample's level of malicious behavior. Improves the prioritization of threats, which enhances the efficiency and accuracy of malware analysts, incident responders, security engineering teams, and products that consume Threat Grid's feeds.
- Remote updates
Has the capability to be manually updated to help ensure an up-to-date knowledge base while complying with corporate or regulatory policies to keep all information within logical boundaries.
- API for integration
Simplifies fast operationalization of threat intelligence with existing security and network infrastructure. Makes integration fast and easy with Threat Grid's representational state transfer (REST) API. Provides integration guides for a number of third-party products, including gateways, proxies, and security information and event management (SIEM) platforms.