FireAMP for Unmatched Control

With today’s increasingly sophisticated and relentless attacks, outbreaks are inevitable. Sourcefire FireAMP is the only solution that helps contain damage after an attack and protect your network and systems from future attacks. Technology breakthroughs like FireAMP Outbreak Control and Cloud Recall™ speed response time in the face of an attack and automate remediation for unprecedented control. These technologies provide immediate recourse, instead of waiting for days or weeks for your current vendor to produce a signature.

Outbreak Control: Stop outbreaks with custom protections you create on the spot—no more waiting for updates from your security vendor.

Tool	When to Use
Simple Custom Detections	Fastest way to block specific malware
Advanced Custom Signatures	Useful for blocking families of malware or to close the gap when waiting for signatures from a security vendor
Application Blocking Lists	Blocks execution of applications based on group policies = good for 'Zero Day' attacks

Cloud Recall: Automatically remediate systems—quarantine files that are now determined to be malware—without a full scan.

FireAMP Also Provides

• Visibility: See more than ever before. Identify the root cause of the threat, how it has spread, and the specific behavior of the malware.
• Enterprise-ready: Scale protection. FireAMP works with existing security layers, for example intrusion detection and prevention (IDS/IPS), next-generation firewall (NGFW), and other anti-malware solutions, as part of a defense-in-depth strategy and delivers the performance, manageability, and scalability that organizations require.