In March 2015, Cisco created the AMP Threat Grid for Law Enforcement Program, empowering state and local law enforcement agencies with its dynamic malware analysis and threat intelligence platform. Cisco has renewed the program and made it a permanent part of Cisco Gives. Law Enforcement investigators can register for the program on the new Cisco Threat Grid Law Enforcement Program page.
The no-cost AMP Threat Grid for Law Enforcement program is for state and local agencies with less than 1,000 sworn officers. Once empowered with AMP Threat Grid, within seconds of a threat intelligence query or within a few minutes of a submitting a suspicious file or URL for analysis, an investigator has the ability to view and download an easy-to-read and comprehensive report detailing the actual behavior of the submitted file, including changes to the file system, registry, command-and-control communication, downloads, code injection and other malicious activity. In addition, AMP Threat Grid will correlate the file with the millions of samples and billions of artifacts in the threat intelligence database, providing instant global and historical context. The program also includes seamless integration with EnCase Forensic, to reduce investigators' time and effort to identify and analyze suspected malware.
Threat Grid continues to be used to support law enforcement investigations around the globe. "As a local detective assigned to a USSS Financial Crimes Task Force, I respond to many low to mid-sized point of sale (POS) breaches. We have limited resources and budget, and Threat Grid is invaluable in analyzing suspicious processes to determine the behavior and threat. We appreciate Cisco's AMP Threat Grid Law Enforcement Program, providing us this leading edge malware analysis and threat intelligence platform to aid in my investigations," commented Det. Michael Chaves, Monroe CT Police Department, USSS CT Financial Crimes Task Force.
We have limited resources and budget, and Threat Grid is invaluable in analyzing suspicious processes to determine the behavior and threat.
The AMP Threat Grid for Law Enforcement program includes:
Cisco will host a hands-on lab for threat intelligence and dynamic malware analysis at the Enfuse Conference, to be held at Caesars Palace in Las Vegas, May 23-26, 2016. The Enfuse session is entitled "Threat Intelligence for Law Enforcement".
Again, Law Enforcement investigators can register for the program on the Threat Grid Law Enforcement Program page. The AMP Threat Grid Malware Analysis and Intelligence for EnCase EnScript is available for download at no cost to Guidance Software's customers from the EnCase App Central store; which includes a 30-day pilot of the full solution for non-law enforcement incident responders, with malware sample submissions and contextual searches of the Threat Grid threat intelligence repository.