App Review Cisco AMP Endpoint Antivirus 2025

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

Cisco is an American manufacturer of security solutions and IT equipment (switches, routers, firewalls, etc.).
Well-known and appreciated in the professional world, Cisco also offers an antivirus solution, Immunet, which we already know for home users.
Let's see what it's worth.



Interface:

The interface is very basic - all you can do is run analyses!
For configuration, you have to go through the panel, which is also pretty basic.
Very few configuration options are available, despite Cisco's many security policies.
I chose the Protect option, which is the closest I've ever come to using the system.

Web protection: 7/10
Cisco does not offer Web protection, so downloaded files will be scanned.
Overall, the result is positive, despite 3 infections that passed without reaction.

Fake crack: 1/1
Blocked

Malware Pack: Remaining 14 files out of 85.
Cisco's engine is pretty good, but blocking unknown malware is another story...
Although Cisco has tried to defend itself by blocking certain payloads and blacklisting malicious C&C servers used by certain Botnets/RATs, it's still very unlucky. The machine finds itself violently infected by Custom malware, which acts like Ransomware and patiently encrypts files, but the facts are there!
Worse still, when the machine is rebooted because it has crashed, the malware modifies the Userinit registry key (which displays user accounts during Windows sessions) to replace its own. I end up with an equivalent used by the MEMZ malware. Unable to start the session, the machine requires major system repairs.

Final scan: The computer is destroyed, impossible to analyze.

Final opinion:

Cisco offers very average protection, totally unsuited to the protection market.
Although its anti-malware engine and C&C server blacklist are pretty good, it struggles to protect effectively against unknown malware - the proof being that the machine died at the end of the test!
Not recommended.

@kamiloxf request
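
The Userinit change described in the review can be checked by comparing the value in a saved `reg query` dump of the Winlogon key with the stock one. This is an added example, not part of the original post; the sample outputs and the non-stock paths in them are constructed, and Windows is assumed to be installed on C:.

```python
import re

# Stock data of HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
# (assumption: Windows is installed on C:).
EXPECTED = r"c:\windows\system32\userinit.exe"

# Constructed `reg query` outputs; the non-stock paths are hypothetical.
KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
CLEAN = KEY + "\n" + r"    Userinit    REG_SZ    C:\Windows\system32\userinit.exe,"
REPLACED = KEY + "\n" + r"    Userinit    REG_SZ    C:\ProgramData\example\replacement.exe"
APPENDED = (KEY + "\n" + r"    Userinit    REG_SZ    "
            r"%SystemRoot%\System32\userinit.exe,C:\ProgramData\example\extra.exe")

def userinit_entries(reg_query_text):
    """Return the comma-separated programs in Userinit, or None if the value is absent."""
    for line in reg_query_text.splitlines():
        m = re.match(r"\s*userinit\s+REG_\w+\s*(.*)$", line, re.IGNORECASE)
        if m:
            return [p.strip() for p in m.group(1).split(",") if p.strip()]
    return None

def normalize(path):
    """Lower-case, drop quotes and expand the two common system-root variables."""
    p = path.strip().strip('"').lower()
    return p.replace("%systemroot%", r"c:\windows").replace("%windir%", r"c:\windows")

def check_userinit(reg_query_text):
    """Return a list of findings; an empty list means the value looks stock."""
    entries = userinit_entries(reg_query_text)
    if entries is None:
        return ["Userinit value missing"]
    if not entries:
        return ["Userinit value empty"]
    # Anything other than userinit.exe is started at logon alongside or instead of it.
    findings = [f"unexpected program: {e}" for e in entries if normalize(e) != EXPECTED]
    if not any(normalize(e) == EXPECTED for e in entries):
        findings.append("userinit.exe not launched")
    return findings

if __name__ == "__main__":
    for name, dump in (("clean", CLEAN), ("replaced", REPLACED), ("appended", APPENDED)):
        print(name, check_userinit(dump) or "OK")
```

A replaced value produces both findings, which matches the symptom in the review: the logon sequence never reaches userinit.exe, so the session cannot start.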
 

Zero Knowledge

Great test!

You probably need to test AMP with a Cisco Firepower Firewall or one of their new AI security firewalls. I don't think many shops/corp are running AMP now though, more likely a mix of Cisco kit and CrowdStrike or some other EDR. I think Cisco realized their market share of EDR is pretty low and would rather push people towards their hardware.
 
