AMP automatically detects and blocks known and emerging threats in real time using both cloud- and system-based technologies that include global big data analytics, machine-learning, fuzzy fingerprinting, a built-in antivirus engine, rootkit scanning, and more.
Continuous monitoring and recording
Once a file lands on the endpoint, AMP continues to watch, analyze, and record file activity, regardless of the file’s disposition. When malicious behavior is detected, AMP shows you the recorded history of the malware’s behavior over time: where it came from, where it’s been, and what it’s doing. Then AMP will automatically quarantine and remediate the file across all endpoints.
Broad endpoint coverage
Malware can attack through a variety of attack vectors. You need endpoint security that can protect them all. AMP protects endpoints running Windows, Mac OS, Android, and Linux. Deploy AMP’s lightweight connector, and users see no impact on device performance because AMP performs all analysis in the cloud, not on the endpoint itself.