UPDATED 08:00 EDT / APRIL 16 2018

Cisco debuts new security capabilities to take on ransomware and fileless attacks

Many of the hacking attempts launched against enterprises go after the target firm’s employees, whose login credentials often represent the most straightforward means of accessing key systems. Cisco Systems Inc. wants to mitigate the threat.

At the RSA Conference today in San Francisco, the networking giant introduced an enhanced version of its cloud-managed Advanced Malware Protection for Endpoints security platform to improve protection of workers from attack. The upgrade significantly expands upon the software’s threat mitigation capabilities.

To start, Cisco has added an antiransomware engine that draws on internal research conducted by its security experts. According to the company, the mechanism is designed to detect any malicious attempts to encrypt the data on a device and automatically terminate the offending process. Cisco said that it can thus not only prevent hackers from holding important files for ransom, but also stop the malware from spreading further throughout a firm’s network.

The antiransomware engine is joined by a capability that targets another significant threat: fileless attacks. This type of threat is characterized by the fact that no malware has to be downloaded onto the user’s device. Instead, hackers exploit flaws in existing applications, a tactic that Cisco said AMP for Endpoints can now counter by flagging vulnerable programs ahead of time.

The company unveiled the device protection features alongside an integration with Cisco Visibility, a threat intelligence product, that aims to ease the investigation of security incidents. The tool enables network protection teams to enrich internal incident logs with information about hacker activity sourced from external security feeds. Cisco said the data can make it easier to understand the full scope of a breach and how to fix it.

The enhancements to AMP for Endpoints are part of a broader push by the networking giant to bolster its breach prevention portfolio. In conjunction with the update, Cisco announced a partnership with San Mateo, California-based Agari Data Inc. to make the startup’s email security technology available to its customers.

The collaboration will see the company roll out two new offerings. The first, Cisco Advanced Phishing Protection, uses machine learning to identify emails from malicious senders who try to pass themselves off as someone else. The other product, Cisco Domain Protection, aims to help companies prevent attackers from hijacking their domain names to distribute malicious messages.
