AMP uses behavioral analysis, sandboxing, and machine learning to detect and block advanced malware that evades traditional signature-based tools.
AMP is Cisco's brand name — the concept is next-gen AV/EDR. Sandboxing executes suspicious files in an isolated environment to observe behavior. Key for detecting zero-day malware.